Key Update Countermeasure for Correlation-Based Side-Channel Attacks

Side-channel analysis is a non-invasive form of attack that reveals the secret key of a cryptographic circuit by analyzing leaked physical information. Traditional brute-force and cryptanalytic attacks target weaknesses in the encryption algorithm itself, whereas side-channel attacks apply statistical models such as differential analysis and correlation analysis to the information leaked by the cryptographic device at run time. Because it is non-invasive and passive, a side-channel attack is difficult to detect and to defend against. In this work, we propose a key update scheme as a countermeasure against power- and electromagnetic-analysis-based attacks on the cryptographic device. The proposed countermeasure uses a secure coprocessor to provide key generation and storage in a trusted environment. The experimental results show that the proposed key update scheme mitigates side-channel attacks significantly.
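As an added illustration (not the paper's code or experiment), the following constructed simulation shows why bounding the number of encryptions performed under one key defeats correlation analysis: the correlation for the correct key-byte hypothesis is strong over traces that share a key and collapses once the key is refreshed. The names `simulate`, `cpa` and `key_lifetime` are assumptions, and the leakage model (Hamming weight of the first-round AES S-box output plus Gaussian noise) is a standard constructed model, not the paper's measured traces.

```python
import math
import random

def gf_mul(a, b):  # multiplication in GF(2^8) with the AES polynomial 0x11B
    p = 0
    while b:
        if b & 1:
            p ^= a
        a, b = (a << 1) ^ (0x11B if a & 0x80 else 0), b >> 1
    return p

def build_sbox():  # AES S-box from its definition: GF(2^8) inverse, then affine map
    box = []
    for x in range(256):
        inv = next((y for y in range(1, 256) if gf_mul(x, y) == 1), 0)
        s = inv
        for _ in range(4):
            inv = ((inv << 1) | (inv >> 7)) & 0xFF
            s ^= inv
        box.append(s ^ 0x63)
    return box

SBOX = build_sbox()
HW = [bin(v).count("1") for v in range(256)]

def simulate(n_traces, key_lifetime, seed=1, noise=1.0):
    """Constructed traces: Hamming weight of the first-round S-box output plus Gaussian noise.
    The key is replaced by a fresh random one every key_lifetime encryptions (the key update)."""
    rng = random.Random(seed)
    key = first_key = rng.randrange(256)
    traces = []
    for i in range(n_traces):
        if i and i % key_lifetime == 0:
            key = rng.randrange(256)  # new key, as the secure coprocessor would supply it
        p = rng.randrange(256)
        traces.append((p, HW[SBOX[p ^ key]] + rng.gauss(0, noise)))
    return first_key, traces

def pearson(xs, ys):
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx, vy = sum((x - mx) ** 2 for x in xs), sum((y - my) ** 2 for y in ys)
    return cov / math.sqrt(vx * vy) if vx and vy else 0.0

def cpa(traces):  # correlation over all 256 key-byte hypotheses -> (best key, |rho|)
    leaks = [l for _, l in traces]
    scores = [abs(pearson([HW[SBOX[p ^ k]] for p, _ in traces], leaks)) for k in range(256)]
    best = max(range(256), key=scores.__getitem__)
    return best, scores[best]
```

Running `cpa` on 1000 traces with a fixed key recovers the key byte with a correlation near 0.8, while the same 1000 traces with the key refreshed every encryption (or every 20 encryptions) leave every hypothesis near zero.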
