Passive and Active Combined Attacks on AES Combining Fault Attacks and Side Channel Analysis

Tamper resistance of hardware products is currently a very popular subject for researchers in the security domain. Since the first Kocher side-channel (passive)attack, the Bellcore researchers and Biham and Shamir fault (active) attacks, many other side-channel and fault attacks have been published. The design of efficient countermeasures still remains a difficult task for IC designers and manufacturers as they must also consider the attacks which combine active and passive threats. It has been shown previously that combined attacks can defeat RSA implementations if side-channel countermeasures and fault protections are developed separately instead of being designed together. This paper demonstrates that combined attacks are also effective on symmetric cryptosystems and shows how they may jeopardize a supposedly state of the art secure AES implementation.

[1]  Christophe Giraud,et al.  An RSA Implementation Resistant to Fault Attacks and to Simple Power Analysis , 2006, IEEE Transactions on Computers.

[2]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[3]  Paul Dischamp,et al.  Power Analysis, What Is Now Possible , 2000, ASIACRYPT.

[4]  Richard J. Lipton,et al.  On the Importance of Checking Cryptographic Protocols for Faults (Extended Abstract) , 1997, EUROCRYPT.

[5]  Louis Goubin,et al.  Two Power Analysis Attacks against One-Mask Methods , 2004, FSE.

[6]  Ludger Hemme,et al.  A Differential Fault Attack Against Early Rounds of (Triple-)DES , 2004, CHES.

[7]  Pierre Dusart,et al.  Differential Fault Analysis on A.E.S , 2003, ACNS.

[8]  Marc Joye,et al.  Low-cost solutions for preventing simple side-channel analysis: side-channel atomicity , 2004, IEEE Transactions on Computers.

[9]  Louis Goubin,et al.  A Refined Power-Analysis Attack on Elliptic Curve Cryptosystems , 2003, Public Key Cryptography.

[10]  Robert H. Sloan,et al.  Power Analysis Attacks of Modular Exponentiation in Smartcards , 1999, CHES.

[11]  Paul C. Kocher,et al.  Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems , 1996, CRYPTO.

[12]  Eli Biham,et al.  Differential Fault Analysis of Secret Key Cryptosystems , 1997, CRYPTO.

[13]  Edward S. Davidson,et al.  Highly concurrent scalar processing , 1986, ISCA 1986.

[14]  Jean-Pierre Seifert,et al.  On authenticated computing and RSA-based authentication , 2005, CCS '05.

[15]  Thomas S. Messerges,et al.  Using Second-Order Power Analysis to Attack DPA Resistant Software , 2000, CHES.

[16]  Sergei P. Skorobogatov Optically Enhanced Position-Locked Power Analysis , 2006, CHES.

[17]  Christophe Giraud,et al.  A Survey on Fault Attacks , 2004, CARDIS.

[18]  Christophe Clavier,et al.  Correlation Power Analysis with a Leakage Model , 2004, CHES.

[19]  David Schultz,et al.  The Program Counter Security Model: Automatic Detection and Removal of Control-Flow Side Channel Attacks , 2005, ICISC.

[20]  Erik Knudsen,et al.  Ways to Enhance Differential Power Analysis , 2002, ICISC.

[21]  JaeCheol Ha,et al.  Power Analysis by Exploiting Chosen Message and Internal Collisions - Vulnerability of Checking Mechanism for RSA-Decryption , 2005, Mycrypt.

[22]  Bart Preneel,et al.  Mutual Information Analysis , 2008, CHES.

[23]  Nicholas Nethercote,et al.  Valgrind: A Program Supervision Framework , 2003, RV@CAV.

[24]  Mark G. Karpovsky,et al.  DPA on Faulty Cryptographic Hardware and Countermeasures , 2006, FDTC.

[25]  Tanja Lange,et al.  Handbook of Elliptic and Hyperelliptic Curve Cryptography , 2005 .

[26]  Frédéric Valette,et al.  The Doubling Attack - Why Upwards Is Better than Downwards , 2003, CHES.

[27]  Jean-Pierre Seifert,et al.  Fault Based Cryptanalysis of the Advanced Encryption Standard (AES) , 2003, Financial Cryptography.

[28]  Ingrid Verbauwhede,et al.  Partition vs. Comparison Side-Channel Distinguishers: An Empirical Evaluation of Statistical Tests for Univariate Side-Channel Attacks against Two Unprotected CMOS Devices , 2009, ICISC.

[29]  Christophe Clavier,et al.  Why One Should Also Secure RSA Public Key Elements , 2006, CHES.

[30]  Arjen K. Lenstra Memo on RSA signature generation in the presence of faults , 1996 .

[31]  Jean-Sébastien Coron,et al.  Resistance against Differential Power Analysis for Elliptic Curve Cryptosystems , 1999, CHES.

[32]  Jean-Jacques Quisquater,et al.  A Differential Fault Attack Technique against SPN Structures, with Application to the AES and KHAZAD , 2003, CHES.

[33]  David Naccache,et al.  The Sorcerer's Apprentice Guide to Fault Attacks , 2006, Proceedings of the IEEE.

[34]  Marc Joye,et al.  Checking Before Output May Not Be Enough Against Fault-Based Cryptanalysis , 2000, IEEE Trans. Computers.

[35]  David Brumley,et al.  Remote timing attacks are practical , 2003, Comput. Networks.

[36]  Christophe Clavier,et al.  Fault Analysis of DPA-Resistant Algorithms , 2006, FDTC.

[37]  Jean-Pierre Seifert,et al.  A new CRT-RSA algorithm secure against bellcore attacks , 2003, CCS '03.

[38]  Ross J. Anderson,et al.  Optical Fault Induction Attacks , 2002, CHES.

[39]  Vincent Rijmen,et al.  A Side-Channel Analysis Resistant Description of the AES S-Box , 2005, FSE.

[40]  Jean-Sébastien Coron,et al.  On Boolean and Arithmetic Masking against Differential Power Analysis , 2000, CHES.

[41]  Stefan Mangard,et al.  Successfully Attacking Masked AES Hardware Implementations , 2005, CHES.

[42]  Seungjoo Kim,et al.  A Countermeasure against One Physical Cryptanalysis May Benefit Another Attack , 2001, ICISC.

[43]  Christophe Giraud,et al.  DFA on AES , 2004, AES Conference.