Security evaluation of Tree Parity Re-keying Machine implementations utilizing side-channel emissions

In this work, side-channel attacks (SCAs) are considered as a security metric for the implementation of hybrid cryptosystems utilizing the neural network-based Tree Parity Re-Keying Machines (TPM). A virtual study is presented within the MATLAB environment that explores various scenarios in which the TPM may be compromised. Performance metrics are evaluated to model possible embedded system implementations. A new algorithm, coined Man-in-the-Middle Power Analysis (MIMPA), is proposed as a means to copy the TPM's generated keys. It is shown how the algorithm uses the power emissions of the physical device on which the cryptosystem is implemented to identify vulnerabilities in that device. Finally, a machine learning approach is used to assess the capability of neural networks to recognize properties of keys produced by the TPM as they are transferred to an encryption algorithm. The results show that physical exploits of TPM implementations in embedded systems can be identified and accounted for before a final release. The experiments and data acquisition are demonstrated with an implementation of a TPM-AES hybrid cryptosystem on an AVR microcontroller.
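As an added illustration (not code from the paper), the Tree Parity Machine key exchange on which the evaluated cryptosystem rests: two parties start with secret random weights, exchange only public inputs and parity outputs, and end up with identical weights from which the shared key is derived. Those synchronised weights are exactly the key material a side-channel observer would try to recover during synchronisation and key transfer. The parameters K, N, L and the SHA-256 key derivation are assumptions for this demo, not the paper's values.

```python
import hashlib
import random

# Tree Parity Machine parameters; small values keep the demo fast (assumed, not the paper's).
K, N, L = 3, 8, 3  # hidden units, inputs per hidden unit, weight bound

def sgn(h):
    """Sign function with sgn(0) = -1, as in the standard TPM formulation."""
    return 1 if h > 0 else -1

class TPM:
    def __init__(self, rng):
        # The weights are the secret state; each party draws its own at random.
        self.w = [[rng.randint(-L, L) for _ in range(N)] for _ in range(K)]

    def output(self, x):
        # sigma_k = sgn(w_k . x_k); tau is the parity (product) of the hidden outputs.
        self.sigma = [sgn(sum(wi * xi for wi, xi in zip(wk, xk)))
                      for wk, xk in zip(self.w, x)]
        tau = 1
        for s in self.sigma:
            tau *= s
        return tau

    def learn(self, x, tau):
        # Hebbian rule: only hidden units that agreed with tau move; clip to [-L, L].
        for k in range(K):
            if self.sigma[k] == tau:
                self.w[k] = [max(-L, min(L, wi + xi * tau))
                             for wi, xi in zip(self.w[k], x[k])]

def derive_key(tpm):
    # Illustrative key schedule (assumption): hash the synchronised weights to 128 bits.
    raw = bytes(w + L for row in tpm.w for w in row)
    return hashlib.sha256(raw).digest()[:16]

def synchronize(seed=1, max_rounds=20000):
    """Run the public exchange until A and B hold identical weights.
    Returns (rounds, key_A, key_B); rounds is None if no synchronisation occurred."""
    rng = random.Random(seed)
    a, b = TPM(rng), TPM(rng)
    for rounds in range(1, max_rounds + 1):
        x = [[rng.choice((-1, 1)) for _ in range(N)] for _ in range(K)]  # public input
        ta, tb = a.output(x), b.output(x)  # public parity bits
        if ta == tb:  # both parties update only when their outputs agree
            a.learn(x, ta)
            b.learn(x, tb)
        if a.w == b.w:
            return rounds, derive_key(a), derive_key(b)
    return None, derive_key(a), derive_key(b)
```

Once `a.w == b.w`, every later round leaves the two weight sets identical, so the derived 128-bit value can be handed to AES as the session key.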
