Algebraic side-channel attacks have recently been introduced as a powerful cryptanalysis technique against block ciphers. These attacks represent both a target algorithm and its physical information leakages as an overdefined system of equations that the adversary tries to solve. They were first applied to PRESENT because of its simple algebraic structure. In this paper, we investigate the extent to which they can be exploited against the AES Rijndael and discuss their practical specificities. We show experimentally that most of the intuitions that hold for PRESENT can also be observed for an unprotected implementation of Rijndael in an 8-bit controller. Namely, algebraic side-channel attacks can recover the AES master key from the observation of a single encrypted plaintext, and they easily deal with unknown plaintexts/ciphertexts in this context. Because these attacks can take advantage of the physical information corresponding to all the cipher rounds, they imply that one cannot trade speed for code size (or gate count) without affecting the physical security of a leaking device. In other words, more intermediate computations inevitably lead to more exploitable leakages. We analyze the consequences of this observation on two different masking schemes and discuss its impact on other countermeasures. Our results show that algebraic techniques lead to a new understanding of implementation weaknesses that is different from that of classical side-channel attacks.