Improved collision-correlation power analysis on first order protected AES

Authors:
Christophe Clavier;Benoit Feix;Georges Gagnerot;Mylène Roussellet;Vincent Verneuil
Affiliations:
XLIM-CNRS, Université de Limoges, France;XLIM-CNRS, Université de Limoges, France and INSIDE Secure, Aix-en-Provence, France;XLIM-CNRS, Université de Limoges, France and INSIDE Secure, Aix-en-Provence, France;INSIDE Secure, Aix-en-Provence, France;INSIDE Secure, Aix-en-Provence, France and Institut de Mathématiques de Bordeaux, France
Venue:
CHES'11 Proceedings of the 13th international conference on Cryptographic hardware and embedded systems
Year:
2011

Citing 17
Cited 7

Differential Power Analysis

CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Securing the AES Finalists Against Power Analysis Attacks

FSE '00 Proceedings of the 7th International Workshop on Fast Software Encryption
Using Second-Order Power Analysis to Attack DPA Resistant Software

CHES '00 Proceedings of the Second International Workshop on Cryptographic Hardware and Embedded Systems
An Implementation of DES and AES, Secure against Some Attacks

CHES '01 Proceedings of the Third International Workshop on Cryptographic Hardware and Embedded Systems
Multiplicative Masking and Power Analysis of AES

CHES '02 Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems
Power Analysis Attacks: Revealing the Secrets of Smart Cards (Advances in Information Security)

Power Analysis Attacks: Revealing the Secrets of Smart Cards (Advances in Information Security)
Multiple-Differential Side-Channel Collision Attacks on AES

CHES '08 Proceeding sof the 10th international workshop on Cryptographic Hardware and Embedded Systems
Mutual Information Analysis

CHES '08 Proceeding sof the 10th international workshop on Cryptographic Hardware and Embedded Systems
A Unified Framework for the Analysis of Side-Channel Key Recovery Attacks

EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
An improved SCARE cryptanalysis against a secret A3/A8 GSM algorithm

ICISS'07 Proceedings of the 3rd international conference on Information systems security
Improved side-channel collision attacks on AES

SAC'07 Proceedings of the 14th international conference on Selected areas in cryptography
A very compact "Perfectly masked" S-box for AES

ACNS'08 Proceedings of the 6th international conference on Applied cryptography and network security
Correlation-enhanced power analysis collision attack

CHES'10 Proceedings of the 12th international conference on Cryptographic hardware and embedded systems
Provably secure higher-order masking of AES

CHES'10 Proceedings of the 12th international conference on Cryptographic hardware and embedded systems
Defeating RSA multiply-always and message blinding countermeasures

CT-RSA'11 Proceedings of the 11th international conference on Topics in cryptology: CT-RSA 2011
A side-channel analysis resistant description of the AES s-box

FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
Successfully attacking masked AES hardware implementations

CHES'05 Proceedings of the 7th international conference on Cryptographic hardware and embedded systems

Statistical tools flavor side-channel collision attacks

EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
Same values power analysis using special points on elliptic curves

COSADE'12 Proceedings of the Third international conference on Constructive Side-Channel Analysis and Secure Design
Unified and optimized linear collision attacks and their application in a non-profiled setting

CHES'12 Proceedings of the 14th international conference on Cryptographic Hardware and Embedded Systems
A low-entropy first-degree secure provable masking scheme for resource-constrained devices

Proceedings of the Workshop on Embedded Systems Security
Collision-Correlation attack against some 1st-order boolean masking schemes in the context of secure devices

COSADE'13 Proceedings of the 4th international conference on Constructive Side-Channel Analysis and Secure Design
First-order collision attack on protected NTRU cryptosystem

Microprocessors & Microsystems
High-order timing attacks

Proceedings of the First Workshop on Cryptography and Security in Computing Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

The recent results presented by Moradi et al. on AES at CHES 2010 and Witteman et al. on square-and-multiply always RSA exponentiation at CT-RSA 2011 have shown that collision-correlation power analysis is able to recover the secret keys on embedded implementations. However, we noticed that the attack published last year by Moradi et al. is not efficient on correctly first-order protected implementations. We propose in this paper improvements on collision-correlation attacks which require less power traces than classical second-order power analysis techniques.We present here two new methods and show in practice their real efficiency on two first-order protected AES implementations. We also mention that other symmetric embedded algorithms can be targeted by our new techniques.