Fresh re-keying II: securing multiple parties against side-channel and fault attacks

Authors:
Marcel Medwed;Christoph Petit;Francesco Regazzoni;Mathieu Renauld;François-Xavier Standaert
Affiliations:
UCL Crypto Group, Université Catholique de Louvain, Louvain-la-Neuve, Belgium;UCL Crypto Group, Université Catholique de Louvain, Louvain-la-Neuve, Belgium;UCL Crypto Group, Université Catholique de Louvain, Louvain-la-Neuve, Belgium;UCL Crypto Group, Université Catholique de Louvain, Louvain-la-Neuve, Belgium;UCL Crypto Group, Université Catholique de Louvain, Louvain-la-Neuve, Belgium
Venue:
CARDIS'11 Proceedings of the 10th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications
Year:
2011

Citing 21
Cited 0

Towards Sound Approaches to Counteract Power-Analysis Attacks

CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
DES and Differential Power Analysis (The "Duplication" Method)

CHES '99 Proceedings of the First International Workshop on Cryptographic Hardware and Embedded Systems
Multiplicative Masking and Power Analysis of AES

CHES '02 Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems
Error Analysis and Detection Procedures for a Hardware Implementation of the Advanced Encryption Standard

IEEE Transactions on Computers
A Logic Level Design Methodology for a Secure DPA Resistant ASIC or FPGA Implementation

Proceedings of the conference on Design, automation and test in Europe - Volume 1
Leakage-Resilient Cryptography

FOCS '08 Proceedings of the 2008 49th Annual IEEE Symposium on Foundations of Computer Science
A Leakage-Resilient Mode of Operation

EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Algebraic Side-Channel Attacks on the AES: Why Time also Matters in DPA

CHES '09 Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems
A simple power-analysis (SPA) attack on implementations of the AES key expansion

ICISC'02 Proceedings of the 5th international conference on Information security and cryptology
Improved side-channel collision attacks on AES

SAC'07 Proceedings of the 14th international conference on Selected areas in cryptography
Experimental Security Analysis of a Modern Automobile

SP '10 Proceedings of the 2010 IEEE Symposium on Security and Privacy
Practical leakage-resilient pseudorandom generators

Proceedings of the 17th ACM conference on Computer and communications security
Leakage-resilient pseudorandom functions and side-channel attacks on Feistel networks

CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Provably secure higher-order masking of AES

CHES'10 Proceedings of the 12th international conference on Cryptographic hardware and embedded systems
Algebraic side-channel analysis in the presence of errors

CHES'10 Proceedings of the 12th international conference on Cryptographic hardware and embedded systems
Montgomery's trick and fast implementation of masked AES

AFRICACRYPT'11 Proceedings of the 4th international conference on Progress in cryptology in Africa
Extractors against side-channel attacks: weak or strong?

CHES'11 Proceedings of the 13th international conference on Cryptographic hardware and embedded systems
Hardware Implementation of a Flexible Tag Platform for Passive RFID Devices

DSD '11 Proceedings of the 2011 14th Euromicro Conference on Digital System Design
Fresh re-keying: security against side-channel and fault attacks for low-cost devices

AFRICACRYPT'10 Proceedings of the Third international conference on Cryptology in Africa
An AES smart card implementation resistant to power analysis attacks

ACNS'06 Proceedings of the 4th international conference on Applied Cryptography and Network Security
Concurrent error detection schemes for fault-based side-channel cryptanalysis of symmetric block ciphers

IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

Security-aware embedded systems are widespread nowadays and many applications, such as payment, pay-TV and automotive applications rely on them. These devices are usually very resource constrained but at the same time likely to operate in a hostile environment. Thus, the implementation of low-cost protection mechanisms against physical attacks is vital for their market relevance. An appealing choice, to counteract a large family of physical attacks with one mechanism, seem to be protocol-level countermeasures. At last year's Africacrypt, a fresh re-keying scheme has been presented which combines the advantages of re-keying with those of classical countermeasures such as masking and hiding. The contribution of this paper is threefold: most importantly, the original fresh re-keying scheme was limited to one low-cost party (e.g. an RFID tag) in a two party communication scenario. In this paper we extend the scheme to n low-cost parties and show that the scheme is still secure. Second, one unanswered question in the original paper was the susceptibility of the scheme to algebraic SPA attacks. Therefore, we analyze this property of the scheme. Finally, we implemented the scheme on a common 8-bit microcontroller to show its efficiency in software.