Key Updating for Leakage Resiliency With Application to AES Modes of Operation

Side-channel analysis (SCA) exploits the information leaked through unintentional outputs (e.g., power consumption) to reveal the secret key of cryptographic modules. The real threat of SCA lies in the ability to mount attacks over small parts of the key and to aggregate information over different encryptions. The threat of SCA can be thwarted by changing the secret key at every run. Indeed, many contributions in the domain of leakage resilient cryptography tried to achieve this goal. However, the proposed solutions were computationally intensive and were not designed to solve the problem of the current cryptographic schemes. In this paper, we propose a generic framework of lightweight key updating that can protect the current cryptographic standards and evaluate the minimum requirements for heuristic SCA-security. Then, we propose a complete solution to protect the implementation of any standard mode of Advanced Encryption Standard. Our solution maintains the same level of SCA-security (and sometimes better) as the state of the art, at a negligible area overhead while doubling the throughput of the best previous work.

[1]  Patrick Schaumont,et al.  ASIC implementations of five SHA-3 finalists , 2012, 2012 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[2]  Antoine Joux,et al.  Towards Super-Exponential Side-Channel Security with Efficient Leakage-Resilient PRFs , 2012, CHES.

[3]  Silvio Micali,et al.  How to construct random functions , 1986, JACM.

[4]  Vincent Rijmen,et al.  The Design of Rijndael , 2002, Information Security and Cryptography.

[5]  François-Xavier Standaert,et al.  Practical Leakage-Resilient Pseudorandom Objects with Minimum Public Randomness , 2013, CT-RSA.

[6]  László Lovász,et al.  Factoring polynomials with rational coefficients , 1982 .

[7]  Elisabeth Oswald,et al.  A Leakage Resilient MAC , 2015, IMACC.

[8]  Arash Reyhani-Masoleh,et al.  Efficient and High-Performance Parallel Hardware Architectures for the AES-GCM , 2012, IEEE Transactions on Computers.

[9]  Yevgeniy Dodis,et al.  Leakage-Resilient Pseudorandom Functions and Side-Channel Attacks on Feistel Networks , 2010, CRYPTO.

[10]  Stefan Mangard,et al.  Towards fresh re-keying with leakage-resilient PRFs: cipher design principles and analysis , 2014, Journal of Cryptographic Engineering.

[11]  Johannes Blömer,et al.  Provably Secure Masking of AES , 2004, IACR Cryptol. ePrint Arch..

[12]  Andrey Bogdanov,et al.  PRESENT: An Ultra-Lightweight Block Cipher , 2007, CHES.

[13]  Sebastian Faust,et al.  Practical Leakage-Resilient Symmetric Cryptography , 2012, CHES.

[14]  Christof Paar,et al.  Pushing the Limits: A Very Compact and a Threshold Implementation of AES , 2011, EUROCRYPT.

[15]  Xiaolin Cao,et al.  Application-oriented SHA-256 hardware design for low-cost RFID , 2012, 2012 IEEE International Symposium on Circuits and Systems.

[16]  François-Xavier Standaert,et al.  Fresh Re-keying: Security against Side-Channel and Fault Attacks for Low-Cost Devices , 2010, AFRICACRYPT.

[17]  Paul Kocher Complexity and the challenges of securing SoCs , 2011, 2011 48th ACM/EDAC/IEEE Design Automation Conference (DAC).

[18]  Patrick Schaumont,et al.  Prototype IC with WDDL and Differential Routing - DPA Resistance Assessment , 2005, CHES.

[19]  Benjamin Recht,et al.  Probability of unique integer solution to a system of linear equations , 2011, Eur. J. Oper. Res..

[20]  Moti Yung,et al.  Leakage Resilient Cryptography in Practice , 2010, Towards Hardware-Intrinsic Security.

[21]  Stefan Dziembowski,et al.  Leakage-Resilient Cryptography , 2008, 2008 49th Annual IEEE Symposium on Foundations of Computer Science.

[22]  P. Rohatgi,et al.  A testing methodology for side channel resistance , 2011 .

[23]  Krzysztof Pietrzak,et al.  A Leakage-Resilient Mode of Operation , 2009, EUROCRYPT.