DPA on hardware implementations of Ascon and Keyak

This work applies side-channel analysis to hardware implementations of two CAESAR candidates, Keyak and Ascon. Both algorithms are cryptographic sponges with an iterated permutation. The algorithms share an S-box, so attacks on the non-linear step of the permutation are similar. This work presents the first results of a DPA attack on Keyak using traces generated by an FPGA. A new attack is crafted for a larger sensitive variable to reduce the number of traces. The work also presents and applies the first CPA attack on Ascon. Using a toy-sized threshold implementation of Ascon, we try to give insight into the order of the steps of a permutation.
