Power analysis attack and countermeasure on the Rabbit Stream Cipher (position paper)

Recently, there has been extensive research on mobile devices and stream ciphers to increase security. The Rabbit stream cipher was selected for the final eSTREAM portfolio organized by the EU ECRYPT network and is one of the algorithms standardized in ISO/IEC 18033-4 (Stream Ciphers). Because the complexity of a side-channel attack on Rabbit was rated 'medium' in a theoretical evaluation, this paper describes a correlation power analysis attack on Rabbit and demonstrates experimentally that a practical power analysis attack is feasible. We also propose a countermeasure that applies random masking and hiding schemes to the cipher's linear operations. Our implementation of the countermeasure keeps high-speed performance, adding 24% to the operating time and increasing memory requirements by 12.3%. We implement our methods on an eight-bit RISC AVR microprocessor (ATmega 128L) and show in practical experiments that the proposed method is secure against correlation power analysis attacks.
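The following C program is an added illustration of the two countermeasure ideas the abstract names, first-order Boolean masking and hiding (here in the form of a randomised processing order), applied to a linear XOR combination of state words. It is not the paper's implementation or the Rabbit reference code; the word-level XOR is assumed to stand in for the cipher's linear keystream extraction, the xorshift32 generator is a constructed stand-in for a device random source, and the names (`mask_word`, `masked_shuffled_xor`, `hw_sum_over_masks`) are invented for this example. The last function shows the reason masking defeats a first-order Hamming-weight correlation attack: averaged over all masks, the leakage of a masked byte is the same for every secret value.

```c
#include <stdint.h>
#include <stdio.h>

/* Added illustration of first-order Boolean masking plus order shuffling
 * (one form of hiding) for a linear XOR combination of state words. It is
 * not the paper's countermeasure; it only shows the principle the abstract
 * names. The word-level XOR stands in for Rabbit's linear keystream
 * extraction (an assumption made for this example). */

typedef struct {
    uint32_t masked;  /* x XOR mask, the share that is processed */
    uint32_t mask;    /* fresh random mask, kept separately */
} masked_word_t;

/* Constructed deterministic xorshift32 generator: a stand-in for the
 * device's random source so that the example is reproducible offline. */
static uint32_t rng_state = 0x2545F491u;

static uint32_t next_random(void) {
    uint32_t x = rng_state;
    x ^= x << 13;
    x ^= x >> 17;
    x ^= x << 5;
    rng_state = x;
    return x;
}

/* Split a secret word into two shares with a fresh mask. */
masked_word_t mask_word(uint32_t x) {
    masked_word_t w;
    w.mask = next_random();
    w.masked = x ^ w.mask;
    return w;
}

/* Recombine the shares; done only once, at the end of the computation. */
uint32_t unmask_word(masked_word_t w) {
    return w.masked ^ w.mask;
}

/* Unprotected reference: every intermediate here depends directly on the
 * secret words, which is what a CPA attack correlates against. */
uint32_t plain_xor(const uint32_t *words, int n) {
    uint32_t acc = 0;
    for (int i = 0; i < n; i++) acc ^= words[i];
    return acc;
}

/* Protected version: XOR is linear, so it is applied to the masked shares
 * and to the masks independently. No intermediate value equals an unmasked
 * secret, and the processing order is shuffled with a Fisher-Yates
 * permutation so the same operation is not always at the same point in the
 * power trace. */
uint32_t masked_shuffled_xor(const uint32_t *words, int n) {
    int order[16];  /* example capacity; n is clamped to 16 */
    if (n > 16) n = 16;
    for (int i = 0; i < n; i++) order[i] = i;
    for (int i = n - 1; i > 0; i--) {
        int j = (int)(next_random() % (uint32_t)(i + 1));
        int t = order[i]; order[i] = order[j]; order[j] = t;
    }

    masked_word_t acc = mask_word(0);  /* accumulator starts as masked zero */
    for (int k = 0; k < n; k++) {
        masked_word_t w = mask_word(words[order[k]]);
        acc.masked ^= w.masked;
        acc.mask   ^= w.mask;
    }
    return unmask_word(acc);
}

/* Why a first-order Hamming-weight CPA does not see through the mask: over
 * all 256 byte masks, the summed Hamming weight of secret ^ m is the same
 * (256 * 4 = 1024) whichever secret byte is used. */
int hamming_weight8(uint8_t v) {
    int c = 0;
    while (v) { c += v & 1u; v >>= 1; }
    return c;
}

int hw_sum_over_masks(uint8_t secret) {
    int sum = 0;
    for (int m = 0; m < 256; m++)
        sum += hamming_weight8((uint8_t)(secret ^ (uint8_t)m));
    return sum;
}

/* Constructed sample state words used by the demo below. */
static const uint32_t demo_state[4] = {0x12345678u, 0x9abcdef0u, 0x0f0f0f0fu, 0xdeadbeefu};
uint32_t demo_plain(void)  { return plain_xor(demo_state, 4); }
uint32_t demo_masked(void) { return masked_shuffled_xor(demo_state, 4); }

int main(void) {
    uint32_t a = demo_plain();
    uint32_t b = demo_masked();
    printf("plain=%08x masked=%08x match=%d\n", a, b, a == b);
    printf("HW sum over masks: secret 0x00 -> %d, secret 0xa7 -> %d\n",
           hw_sum_over_masks(0x00), hw_sum_over_masks(0xa7));
    return a == b ? 0 : 1;
}
```

Compile with any C99 compiler (for example `cc -std=c99 masking_demo.c`). The masked path must return the same keystream word as the plain path, which is the correctness check a practitioner runs first on a masked implementation; the second check is the property that makes the masking worthwhile, since a leakage model whose expected value is identical for every key hypothesis gives the correlation attack nothing to rank.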
