Block Ciphers Implementations Provably Secure Against Second Order Side Channel Analysis

In recent years, side channel analysis has received a lot of attention, and attack techniques have been improved. Second order side channel analysis now succeeds in breaking implementations of block ciphers that were supposed to be effectively protected. This progress shows not only the practicability of second order attacks, but also the need for provably secure countermeasures. Surprisingly, while many studies have been dedicated to the attacks, only a few papers have been published about dedicated countermeasures. In fact, only the method proposed by Schramm and Paar at CT-RSA 2006 makes it possible to thwart second order side channel analysis. In this paper, we introduce two new methods which constitute a worthwhile alternative to Schramm and Paar's proposal. We prove their security in a strong security model and we exhibit a way to significantly improve their efficiency by using the particularities of the targeted architectures. Finally, we argue that the introduced methods allow us to efficiently protect a wide variety of block ciphers, including AES.
