AES T-Box tampering attack

The use of embedded block memories (BRAMs) in Xilinx FPGA devices makes it possible to store the T-Boxes that are employed to implement the AES block cipher’s SubBytes and MixColumns operations. Several studies into BRAM resistance to side-channel attacks have been reported in the literature, whereas this paper presents a novel attack based on tampering the BRAMs storing the T-Boxes. This approach allows recovering the key using a ciphertext-only attack for all AES key sizes. The complexity of the attack makes it completely feasible. The attack was mounted against previously reported FPGA-based AES implementations, taking into account the different design criteria used in each case and focusing mainly on the implementation of the final round of the AES algorithm, which plays a crucial role in the analysis. Three different final round implementations extracted from well-known existing architectures are analyzed in this work. The paper also discusses some countermeasures with regard to security, performance and FPGA resource utilization. The attack is presented against FPGA-based implementations but it can be extended to software architectures as well.

[1]  Stephan Krenn,et al.  Cache Games -- Bringing Access-Based Cache Attacks on AES to Practice , 2011, 2011 IEEE Symposium on Security and Privacy.

[2]  Tim Güneysu,et al.  DSPs, BRAMs and a Pinch of Logic: New Recipes for AES on FPGAs , 2008, 2008 16th International Symposium on Field-Programmable Custom Computing Machines.

[3]  David Canright,et al.  A Very Compact S-Box for AES , 2005, CHES.

[4]  Jérémie Crenne,et al.  SecURe DPR: Secure update preventing replay attacks for dynamic partial reconfiguration , 2012, 22nd International Conference on Field Programmable Logic and Applications (FPL).

[5]  Morris J. Dworkin,et al.  SP 800-38D. Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC , 2007 .

[6]  Christof Paar,et al.  Black-Box Side-Channel Attacks Highlight the Importance of Countermeasures - An Analysis of the Xilinx Virtex-4 and Virtex-5 Bitstream Encryption Mechanism , 2012, CT-RSA.

[7]  Gregor Leander,et al.  On the Classification of 4 Bit S-Boxes , 2007, WAIFI.

[8]  Jean-Didier Legat,et al.  Compact and efficient encryption/decryption module for FPGA implementation of the AES Rijndael very well suited for small embedded applications , 2004, International Conference on Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004..

[9]  Sylvain Guilley,et al.  From cryptography to hardware: analyzing and protecting embedded Xilinx BRAM for cryptographic applications , 2013, Journal of Cryptographic Engineering.

[10]  Alessandro Barenghi,et al.  On the vulnerability of FPGA bitstream encryption against power analysis attacks: extracting keys from xilinx Virtex-II FPGAs , 2011, CCS '11.

[11]  William Smith,et al.  Linear Cryptanalysis of Simplified AES Under Change of S-Box , 2013, Cryptologia.

[12]  Tim Good,et al.  AES on FPGA from the Fastest to the Smallest , 2005, CHES.

[13]  Tim Kerins,et al.  A Cautionary Note on Weak Implementations of Block Ciphers , 2006 .

[14]  Jens-Peter Kaps,et al.  Investigation of DPA Resistance of Block RAMs in Cryptographic Implementations on FPGAs , 2010, 2010 International Conference on Reconfigurable Computing and FPGAs.

[15]  Dakshi Agrawal,et al.  The EM Side-Channel(s) , 2002, CHES.

[16]  Morris J. Dworkin,et al.  Recommendation for Block Cipher Modes of Operation: Methods for Key Wrapping , 2012 .

[17]  Christof Paar,et al.  FPGA Trojans Through Detecting and Weakening of Cryptographic Primitives , 2015, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[18]  Çetin Kaya Koç,et al.  About Cryptographic Engineering , 2008, Cryptographic Engineering.

[19]  Adi Shamir,et al.  Efficient Cache Attacks on AES, and Countermeasures , 2010, Journal of Cryptology.

[20]  Kris Tiri,et al.  On the complexity of side-channel attacks on AES-256 - methodology and quantitative results on cache attacks , 2007, IACR Cryptol. ePrint Arch..

[21]  Graham Steel,et al.  YubiSecure? Formal Security Analysis Results for the Yubikey and YubiHSM , 2012, STM.

[22]  Morris J. Dworkin SP 800-38C. Recommendation for Block Cipher Modes of Operation: the CCM Mode for Authentication and Confidentiality , 2004 .

[23]  Jean-Jacques Quisquater,et al.  A Differential Fault Attack Technique against SPN Structures, with Application to the AES and KHAZAD , 2003, CHES.

[24]  Christof Paar,et al.  On the Portability of Side-Channel Attacks – An Analysis of the Xilinx Virtex 4 , Virtex 5 , and Spartan 6 Bitstream Encryption Mechanism – , 2011 .

[25]  Jean-Pierre Seifert,et al.  Simple photonic emission analysis of AES , 2013, Journal of Cryptographic Engineering.

[26]  Morris J. Dworkin,et al.  SP 800-38B. Recommendation for Block Cipher Modes of Operation: the CMAC Mode for Authentication , 2005 .

[27]  Milos Drutarovský,et al.  Two Methods of Rijndael Implementation in Reconfigurable Hardware , 2001, CHES.

[28]  Morris J. Dworkin,et al.  Recommendation for Block Cipher Modes of Operation: Methods and Techniques , 2001 .

[29]  Amir Moradi,et al.  A Generalized Method of Differential Fault Attack Against AES Cryptosystem , 2006, CHES.

[30]  Vincent Rijmen,et al.  The Design of Rijndael: AES - The Advanced Encryption Standard , 2002 .

[31]  Chung-Cheng Hsieh,et al.  Embedded a low area 32-bit AES for image encryption/decryption application , 2009, 2009 IEEE International Symposium on Circuits and Systems.

[32]  Jean-Jacques Quisquater,et al.  Implementation of the AES-128 on Virtex-5 FPGAs , 2008, AFRICACRYPT.

[33]  Lilian Bossuet,et al.  Secure Extension of FPGA General Purpose Processors for Symmetric Key Cryptography with Partial Reconfiguration Capabilities , 2012, TRETS.

[34]  Joan Daemen,et al.  AES Proposal : Rijndael , 1998 .

[35]  Morris J. Dworkin,et al.  SP 800-38A 2001 edition. Recommendation for Block Cipher Modes of Operation: Methods and Techniques , 2001 .