论文信息 - On the Leakage between Arithmetic Components of DES Algorithm

On the Leakage between Arithmetic Components of DES Algorithm

Security of cryptographic embedded devices has become a prevalent concern, especially since the introduction of Differential Power Analysis (DPA) by Paul Kocher et al. In the past years, many efforts have been made to improve the resistance against Side Channel Attack (SCA) of cryptographic devices. Among the countermeasures, masking is a typical and efficient strategy. However, a number of effective attacks on masked cryptographic devices have been developed in recent years, and this paper continues this line of research. On theory, a DES with a masking scheme is secure under first order SCA, but we dig out a new leakage problem which makes it possible to attack a masked DES without using higher-order power analysis. Concretely, we perform a first-order correlation power analysis based on the leakage relationship between two different arithmetic components of DES. And the reason for this leakage is analyzed and verified by us through simulation and real card attacks. Keywords—Data Encryption Standard (DES); Differential Power Analysis (DPA); Side Channel Attack (SCA); Leakage between components; Masking; Smartcards.

Zhigang Mao | Zheng Guo | Junrong Liu | Jiachao Chen | Yijie Ge

[1] Paul C. Kocher,et al. Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems , 1996, CRYPTO.

[2] Christophe Clavier,et al. Correlation Power Analysis with a Leakage Model , 2004, CHES.

[3] Johannes Blömer,et al. Provably Secure Masking of AES , 2004, IACR Cryptol. ePrint Arch..

[4] Kyung-Hee Lee,et al. Small Size, Low Power, Side Channel-Immune AES Coprocessor: Design and Synthesis Results , 2004, AES Conference.

[5] Thomas S. Messerges,et al. Securing the AES Finalists Against Power Analysis Attacks , 2000, FSE.

[6] Christophe Giraud,et al. An Implementation of DES and AES, Secure against Some Attacks , 2001, CHES.

[7] Vincent Rijmen,et al. A Side-Channel Analysis Resistant Description of the AES S-Box , 2005, FSE.

[8] Louis Goubin,et al. Two Power Analysis Attacks against One-Mask Methods , 2004, FSE.

[9] Pankaj Rohatgi,et al. Template Attacks , 2002, CHES.

[10] R. Davis,et al. The data encryption standard in perspective , 1978, IEEE Communications Society Magazine.

[11] Paul C. Kocher,et al. Differential Power Analysis , 1999, CRYPTO.

[12] Thomas S. Messerges,et al. Investigations of Power Analysis Attacks on Smartcards , 1999, Smartcard.

[13] Louis Goubin,et al. DES and Differential Power Analysis (The "Duplication" Method) , 1999, CHES.