Wide Collisions in Practice

Detecting collisions in the power consumption of a modern cryptographic engine is usually difficult due to small leakages and possible countermeasures. Wide collisions offer a much stronger leakage that significantly facilitates their detection. This is the first time wide collisions are exploited in a power analysis attack. In this work we introduce a collision detection method based on the detection of characteristic outliers. Detection results are compared to optimized subspace-based templates. We show that the outlier detection method, while not requiring a template building phase, is almost as effective in detecting collisions as the template-based approach.

[1]  Mitsuru Matsui,et al.  Cryptographic Hardware and Embedded Systems - CHES 2006, 8th International Workshop, Yokohama, Japan, October 10-13, 2006, Proceedings , 2006, CHES.

[2]  Elisabeth Oswald,et al.  Practical Template Attacks , 2004, WISA.

[3]  Christof Paar,et al.  A Collision-Attack on AES: Combining Side Channel- and Differential-Attack , 2004, CHES.

[4]  Andrey Bogdanov,et al.  Multiple-Differential Side-Channel Collision Attacks on AES , 2008, CHES.

[5]  Siva Sai Yerubandi,et al.  Differential Power Analysis , 2002 .

[6]  Andrey Bogdanov,et al.  Improved Side-Channel Collision Attacks on AES , 2007, Selected Areas in Cryptography.

[7]  Michael Wiener,et al.  Advances in Cryptology — CRYPTO’ 99 , 1999 .

[8]  Pankaj Rohatgi,et al.  Template Attacks , 2002, CHES.

[9]  Christophe Clavier,et al.  Correlation Power Analysis with a Leakage Model , 2004, CHES.

[10]  Josef Pieprzyk Topics in Cryptology - CT-RSA 2010, The Cryptographers' Track at the RSA Conference 2010, San Francisco, CA, USA, March 1-5, 2010. Proceedings , 2010, CT-RSA.

[11]  Marc Joye,et al.  Cryptographic Hardware and Embedded Systems - CHES 2004 , 2004, Lecture Notes in Computer Science.

[12]  Eric Peeters,et al.  Template Attacks in Principal Subspaces , 2006, CHES.

[13]  Andrey Bogdanov,et al.  Differential Cache-Collision Timing Attacks on AES with Applications to Embedded CPUs , 2010, CT-RSA.

[14]  Aggelos Kiayias,et al.  Polynomial Reconstruction Based Cryptography , 2001, Selected Areas in Cryptography.

[15]  Bart Preneel,et al.  Mutual Information Analysis , 2008, CHES.

[16]  Bart Preneel,et al.  Mutual Information Analysis A Generic Side-Channel Distinguisher , 2008 .

[17]  Vincent Rijmen,et al.  Progress in Cryptology - INDOCRYPT 2008, 9th International Conference on Cryptology in India, Kharagpur, India, December 14-17, 2008. Proceedings , 2008, INDOCRYPT.

[18]  Christof Paar,et al.  Cryptographic Hardware and Embedded Systems - CHES 2002 , 2003, Lecture Notes in Computer Science.

[19]  Stefan Mangard,et al.  Power analysis attacks - revealing the secrets of smart cards , 2007 .

[20]  Andrey Bogdanov,et al.  Algebraic Methods in Side-Channel Collision Attacks and Practical Collision Detection , 2008, INDOCRYPT.

[21]  Andrey Bogdanov,et al.  Beyond the Limits of DPA: Combined Side-Channel Collision Attacks , 2012, IEEE Transactions on Computers.

[22]  Elisabeth Oswald,et al.  Cryptographic Hardware and Embedded Systems - CHES 2008, 10th International Workshop, Washington, D.C., USA, August 10-13, 2008. Proceedings , 2008, CHES.