A split-mask countermeasure for low-energy secure embedded systems

Future wireless embedded devices will be increasingly powerful, supporting many more applications, including one of the most crucial---security. Although many embedded devices offer more resistance to bus---probing attacks because of their compact size, susceptibility to power or electromagnetic analysis attacks must be analyzed. This paper presents a new split-mask countermeasure to thwart low-order differential power analysis (DPA) and differential EM analysis (DEMA). For the first time, real-power and EM measurements are used to analyze the difficulty of launching new third-order DPA and DEMA attacks on a popular low-energy 32-bit embedded ARM processor. Results show that the new split-mask countermeasure provides increased security without large overheads of energy dissipation, compared to previous research. With the emergence of security applications in PDAs, cell phones, and other embedded devices, low-energy countermeasures for resistance to low-order DPA/DEMA is crucial for supporting future enabled wireless internet.

[1]  Stefan Mangard,et al.  A Simple Power-Analysis (SPA) Attack on Implementations of the AES Key Expansion , 2002, ICISC.

[2]  Dakshi Agrawal,et al.  The EM Side-Channel(s) , 2002, CHES.

[3]  Jean-Sébastien Coron,et al.  Statistics and Secret Leakage , 2000, Financial Cryptography.

[4]  Elena Trichina,et al.  Secure and Efficient AES Software Implementation for Smart Cards , 2004, WISA.

[5]  Çetin Kaya Koç,et al.  An High-speed ECC-based Wireless Authentication Protocol on an ARM Microprocessor , 2000 .

[6]  David A. Wagner,et al.  Towards Efficient Second-Order Power Analysis , 2004, CHES.

[7]  Jean-Sébastien Coron,et al.  Resistance against Differential Power Analysis for Elliptic Curve Cryptosystems , 1999, CHES.

[8]  Kouichi Itoh,et al.  DPA Countermeasure Based on the "Masking Method" , 2001, ICISC.

[9]  Thomas S. Messerges,et al.  Investigations of Power Analysis Attacks on Smartcards , 1999, Smartcard.

[10]  Jovan Dj. Golic,et al.  Multiplicative Masking and Power Analysis of AES , 2002, CHES.

[11]  Francis Olivier,et al.  Electromagnetic Analysis: Concrete Results , 2001, CHES.

[12]  Çetin Kaya Koç,et al.  A high-speed ECC-based wireless authentication on an ARM microprocessor , 2000, Proceedings 16th Annual Computer Security Applications Conference (ACSAC'00).

[13]  Pankaj Rohatgi,et al.  Towards Sound Approaches to Counteract Power-Analysis Attacks , 1999, CRYPTO.

[14]  Jean-Sébastien Coron,et al.  Statistics and secret leakage , 2000, TECS.

[15]  Paul Dischamp,et al.  Power Analysis, What Is Now Possible , 2000, ASIACRYPT.

[16]  Siva Sai Yerubandi,et al.  Differential Power Analysis , 2002 .

[17]  Brian R. Gladman A Specification for Rijndael, the AES Algorithm , 2001 .

[18]  Anand Raghunathan,et al.  Securing wireless data: system architecture challenges , 2002, 15th International Symposium on System Synthesis, 2002..

[19]  Louis Goubin,et al.  DES and Differential Power Analysis (The "Duplication" Method) , 1999, CHES.

[20]  Thomas S. Messerges,et al.  Using Second-Order Power Analysis to Attack DPA Resistant Software , 2000, CHES.

[21]  Narayanan Vijaykrishnan,et al.  Masking the Energy Behavior of DES Encryption , 2003, DATE.

[22]  Thomas S. Messerges,et al.  Securing the AES Finalists Against Power Analysis Attacks , 2000, FSE.

[23]  Christophe Clavier,et al.  Correlation Power Analysis with a Leakage Model , 2004, CHES.

[24]  Elena Trichina,et al.  Secure and Efficient AES Software Implementation for Smart Caards , 2004, IACR Cryptol. ePrint Arch..