On Physical Obfuscation of Cryptographic Algorithms

We describe a solution for physically obfuscating the representation of a cipher, to increase a chip's resistance against physical threats, by combining ideas from masking techniques and Physical Obfuscated Keys (POKs). With embedded chips such as RFID tags as the main motivation, we apply this strategy to the representation of a Linear Feedback Shift Register (LFSR). Applying this technique to LFSR-based stream ciphers, such as the Self-Shrinking Generator, makes it possible to share key material between several chips within a system while increasing the system's resistance against the compromise of individual chips. An extension of our ideas to non-linear ciphers is also presented, illustrated on Trivium.
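The following is an added illustration of the idea behind the abstract, not the paper's own construction: because an LFSR clock is linear over GF(2), its state can be kept as two XOR shares, one stored in memory and one regenerated from a POK, and each share is clocked separately so the plain state never appears on the chip. The 16-bit taps, the key 0xACE1 and the random stand-in for a POK value are constructed for the example; the self-shrinking selection step is the one point where shares are recombined.

```python
import os

N = 16
MASK = (1 << N) - 1
TAP_MASK = 0x002D  # taps of the x^16 + x^14 + x^13 + x^11 + 1 Fibonacci LFSR (period 65535)

def lfsr_clock(state):
    """One LFSR clock: returns (output bit, next state). Both are GF(2)-linear in state."""
    fb = bin(state & TAP_MASK).count("1") & 1
    return state & 1, (state >> 1) | (fb << (N - 1))

def ssg_keystream(key, nbits):
    """Reference self-shrinking generator on the plain state: clock twice, keep b when a == 1."""
    state, out = key & MASK, []
    while len(out) < nbits:
        a, state = lfsr_clock(state)
        b, state = lfsr_clock(state)
        if a:
            out.append(b)
    return out

class MaskedChip:
    """Chip whose non-volatile storage holds only the masked share key ^ pok.
    `pok` is a constructed stand-in for the value a POK would regenerate at power-up;
    the plain key exists nowhere on the chip, only as the pair (stored, pok)."""

    def __init__(self, key, pok):
        self.pok = pok & MASK
        self.stored = (key ^ pok) & MASK  # what an attacker dumping the memory sees

    def keystream(self, nbits):
        s1, s2 = self.stored, self.pok    # two shares of the LFSR state
        out = []
        while len(out) < nbits:
            # Linearity lets each share be clocked on its own; s1 ^ s2 is never materialised.
            a1, s1 = lfsr_clock(s1)
            a2, s2 = lfsr_clock(s2)
            b1, s1 = lfsr_clock(s1)
            b2, s2 = lfsr_clock(s2)
            if a1 ^ a2:                   # selection is the one non-linear step: its bit
                out.append(b1 ^ b2)       # and the emitted keystream bit are recombined
        return out

def same_keystream_across_chips(key, nbits=64):
    """Two chips with different POK values but the same provisioned key agree with the reference."""
    ref = ssg_keystream(key, nbits)
    chips = [MaskedChip(key, int.from_bytes(os.urandom(2), "big")) for _ in range(2)]
    return all(c.keystream(nbits) == ref for c in chips)
```

Reading one chip's memory yields only `stored`, which is useless without that chip's POK value, while every chip still produces the same keystream from the shared key.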
