Practical template-algebraic side channel attacks with extremely low data complexity

Template-based Tolerant Algebraic Side-Channel Attacks (Template-TASCA) were suggested in [20] as a way of reducing the high data complexity of template attacks by coupling them with algebraic side-channel attacks. Where a standard template attack takes an independent maximum-likelihood decision at every leak point, the template-algebraic method hands the template likelihoods to a constraint solver, which searches for the cipher state (and hence the key) that is jointly most consistent with the measured side-channel leakage. In this work we present the first application of the template-algebraic key recovery attack to a publicly available data set (IAIK WS2). We show that the attack recovers the encryption key even when the attacker's access to the device under test is extremely limited: only 200 traces in the offline (profiling) phase and as few as a single trace in the online phase.
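The contrast the abstract draws, as an added example that is not code from the paper or its authors: a toy 8-bit cipher (constructed here, using PRESENT's 4-bit S-box on each nibble plus a rotation and key addition, standing in for AES) leaks the Hamming weight of every intermediate state under Gaussian noise. The offline phase builds a Gaussian template per Hamming-weight class from 200 profiling traces taken with known keys. The online phase then uses one trace in two ways: the classic template attack takes an independent maximum-likelihood decision at each leak point and the plain algebraic step keeps only keys that satisfy all of those decisions exactly, whereas the template-algebraic step scores every key by the joint likelihood of the Hamming weights the cipher equations force and picks the best, so a mis-decoded leak point lowers the true key's score instead of eliminating it. With an 8-bit key the "solver" is exhaustive enumeration; the paper's pseudo-Boolean optimiser is what replaces it for AES. The cipher, noise level, trace counts and all data are constructed assumptions; the IAIK WS2 set is not used.

```python
import math
import random
from collections import defaultdict

# Assumed toy cipher: 8-bit state and key, PRESENT's 4-bit S-box on each nibble,
# a 3-bit rotation as the linear layer, key addition in every round.
# Constructed for illustration only; it is not AES and not the IAIK WS2 data set.
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD, 0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]
KEY_SPACE = range(256)
HW_CLASSES = range(9)
MIN_SAMPLES = 5  # classes seen fewer times than this borrow their mean from a line fit

def hw(x):
    return bin(x).count("1")

def sub_bytes(x):
    return (SBOX[x >> 4] << 4) | SBOX[x & 0xF]

def rotl3(x):
    return ((x << 3) | (x >> 5)) & 0xFF

def intermediates(p, k):
    """Every intermediate state of the toy cipher; each one leaks its Hamming weight."""
    s0 = p ^ k
    s1 = sub_bytes(s0)
    s2 = rotl3(s1) ^ k
    s3 = sub_bytes(s2)
    s4 = rotl3(s3) ^ k
    return [s0, s1, s2, s3, s4]

def measure(p, k, sigma, rng):
    """One constructed trace: Hamming weight of each intermediate plus Gaussian noise."""
    return [hw(s) + rng.gauss(0.0, sigma) for s in intermediates(p, k)]

def build_templates(traces):
    """Offline phase. traces: (plaintext, known key, samples). Returns per-class means
    and one pooled noise sigma, i.e. a univariate Gaussian template per HW class."""
    per_class = defaultdict(list)
    for p, k, samples in traces:
        for s, x in zip(intermediates(p, k), samples):
            per_class[hw(s)].append(x)
    means = {c: sum(xs) / len(xs) for c, xs in per_class.items()}
    resid = [(x - means[c]) ** 2 for c, xs in per_class.items() for x in xs]
    sigma = math.sqrt(sum(resid) / (len(resid) - len(means)))
    # HW 0 and 8 occur in about 1/256 of states, so 200 traces may not populate them;
    # fit a least-squares line through the well-populated classes and use it there.
    good = [c for c in means if len(per_class[c]) >= MIN_SAMPLES]
    mc = sum(good) / len(good)
    mm = sum(means[c] for c in good) / len(good)
    slope = sum((c - mc) * (means[c] - mm) for c in good) / sum((c - mc) ** 2 for c in good)
    for c in HW_CLASSES:
        if c not in good:
            means[c] = mm + slope * (c - mc)
    return means, sigma

def log_likelihoods(x, templates):
    """Log-likelihood of one sample under each class template (constant term dropped)."""
    means, sigma = templates
    return {c: -((x - means[c]) ** 2) / (2.0 * sigma * sigma) for c in HW_CLASSES}

def hard_decode(samples, templates):
    """Classic template attack: an independent maximum-likelihood decision per leak point."""
    return [max(HW_CLASSES, key=log_likelihoods(x, templates).get) for x in samples]

def keys_matching(p, decisions):
    """Non-tolerant algebraic step: keys whose intermediates have exactly the decoded
    Hamming weights. One mis-decoded leak point and the true key is rejected."""
    return [k for k in KEY_SPACE if [hw(s) for s in intermediates(p, k)] == decisions]

def score_keys(p, samples, templates):
    """Tolerant step: joint log-likelihood, over all leak points, of the HW values the
    cipher equations force for each key. Its maximiser is the 'optimal state' a TASCA
    solver searches for; exhaustive enumeration stands in for the pseudo-Boolean optimiser."""
    ll = [log_likelihoods(x, templates) for x in samples]
    return {k: sum(l[hw(s)] for l, s in zip(ll, intermediates(p, k))) for k in KEY_SPACE}

def run_attack(seed=1, sigma=0.25, n_profiling=200):
    """200 profiling traces with known keys, then a single online trace."""
    rng = random.Random(seed)
    profiling = []
    for _ in range(n_profiling):
        p, k = rng.randrange(256), rng.randrange(256)
        profiling.append((p, k, measure(p, k, sigma, rng)))
    templates = build_templates(profiling)
    true_key, p = rng.randrange(256), rng.randrange(256)
    trace = measure(p, true_key, sigma, rng)
    decisions = hard_decode(trace, templates)
    scores = score_keys(p, trace, templates)
    return {"true_key": true_key, "templates": templates, "hard_decisions": decisions,
            "hard_keys": keys_matching(p, decisions),
            "ranked": sorted(KEY_SPACE, key=lambda k: -scores[k])}

if __name__ == "__main__":
    r = run_attack()
    print("true key       :", hex(r["true_key"]))
    print("hard decisions :", r["hard_decisions"], "->", [hex(k) for k in r["hard_keys"]])
    print("tolerant rank  :", r["ranked"].index(r["true_key"]), [hex(k) for k in r["ranked"][:4]])
```

Run it directly to see the hard decisions, the key set they admit (empty as soon as one leak point is mis-decoded), and the rank of the true key under the tolerant score; raising `sigma` makes the hard-decision set empty out more often while the tolerant ranking still places the true key near the top, which is the effect the abstract attributes to the solver-based approach.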

[1] François-Xavier Standaert, et al. An Optimal Key Enumeration Algorithm and its Application to Side-Channel Attacks. IACR Cryptology ePrint Archive, 2012.

[2] Takafumi Aoki, et al. Security Evaluation of Cryptographic Modules against Profiling Attacks. ICISC, 2012.

[3] Christof Paar, et al. A Stochastic Model for Differential Side Channel Cryptanalysis. CHES, 2005.

[4] Annelie Heuser, et al. Intelligent Machine Homicide: Breaking Cryptographic Devices Using Support Vector Machines. COSADE, 2012.

[5] Tobias Achterberg, et al. Constraint Integer Programming. 2007.

[6] Elisabeth Oswald, et al. Practical Template Attacks. WISA, 2004.

[7] François-Xavier Standaert, et al. Algebraic Side-Channel Attacks on the AES: Why Time also Matters in DPA. CHES, 2009.

[8] Timo Berthold, et al. Nonlinear Pseudo-Boolean Optimization: Relaxation or Propagation? SAT, 2009.

[9] 島影 尚弘. Superconductivity Research and Life at the National Institute of Standards and Technology (in Japanese). 2001.

[10] Annelie Heuser, et al. Improved Algebraic Side-Channel Attack on AES. IEEE International Symposium on Hardware-Oriented Security and Trust (HOST), 2012.

[11] François-Xavier Standaert, et al. Algebraic Side-Channel Attacks. Inscrypt, 2009.

[12] Avishai Wool, et al. Algebraic Side-Channel Attacks Beyond the Hamming Weight Leakage Model. CHES, 2012.

[13] Werner Schindler, Sorin A. Huss, et al. Constructive Side-Channel Analysis and Secure Design. Lecture Notes in Computer Science, 2012.

[14] Christof Paar, et al. Breaking Mifare DESFire MF3ICD40: Power Analysis and Templates in the Real World. CHES, 2011.

[15] Fabio Massacci, et al. Logical Cryptanalysis as a SAT Problem. Journal of Automated Reasoning, 2000.

[16] Roland Wunderling, et al. Paralleler und objektorientierter Simplex-Algorithmus (Parallel and Object-Oriented Simplex Algorithm). 1996.

[17] Joachim Biskup, et al. Inference Control in Logic Databases as a Constraint Satisfaction Problem. ICISS, 2007.

[18] William Stallings, et al. The Advanced Encryption Standard. Cryptologia, 2002.

[19] Pankaj Rohatgi, et al. Template Attacks. CHES, 2002.

[20] Sylvain Guilley, et al. Practical Improvements of Profiled Side-Channel Attacks on a Hardware Crypto-Accelerator. AFRICACRYPT, 2010.

[21] Nicolas Sklavos, et al. Side Channel Attacks Cryptanalysis against Block Ciphers Based on FPGA Devices. IEEE Computer Society Annual Symposium on VLSI, 2010.

[22] Stefan Mangard, et al. Power Analysis Attacks: Revealing the Secrets of Smart Cards. 2007.

[23] Tobias Achterberg, et al. SCIP: Solving Constraint Integer Programs. Mathematical Programming Computation, 2009.

[24] Andrey Bogdanov, et al. PRESENT: An Ultra-Lightweight Block Cipher. CHES, 2007.

[25] Christophe Clavier, et al. Correlation Power Analysis with a Leakage Model. CHES, 2004.

[26] Avishai Wool, et al. Algebraic Side-Channel Analysis in the Presence of Errors. CHES, 2010.