Efficient removal of random delays from embedded software implementations using hidden markov models

Authors:
François Durvaux;Mathieu Renauld;François-Xavier Standaert;Loic van Oldeneel tot Oldenzeel;Nicolas Veyrat-Charvillon
Affiliations:
ICTEAM/ELEN/Crypto Group, Université catholique de Louvain, Louvain-la-Neuve, Belgium;ICTEAM/ELEN/Crypto Group, Université catholique de Louvain, Louvain-la-Neuve, Belgium;ICTEAM/ELEN/Crypto Group, Université catholique de Louvain, Louvain-la-Neuve, Belgium;ICTEAM/ELEN/Crypto Group, Université catholique de Louvain, Louvain-la-Neuve, Belgium;ICTEAM/ELEN/Crypto Group, Université catholique de Louvain, Louvain-la-Neuve, Belgium
Venue:
CARDIS'12 Proceedings of the 11th international conference on Smart Card Research and Advanced Applications
Year:
2012

Citing 19
Cited 0

Towards Sound Approaches to Counteract Power-Analysis Attacks

CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Differential Power Analysis in the Presence of Hardware Countermeasures

CHES '00 Proceedings of the Second International Workshop on Cryptographic Hardware and Embedded Systems
Template Attacks

CHES '02 Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems
Instruction Stream Mutation for Non-Deterministic Processors

ASAP '02 Proceedings of the IEEE International Conference on Application-Specific Systems, Architectures, and Processors
Power Analysis Attacks: Revealing the Secrets of Smart Cards (Advances in Information Security)

Power Analysis Attacks: Revealing the Secrets of Smart Cards (Advances in Information Security)
Using Subspace-Based Template Attacks to Compare and Combine Power and Electromagnetic Information Leakages

CHES '08 Proceeding sof the 10th international workshop on Cryptographic Hardware and Embedded Systems
SCARE of an Unknown Hardware Feistel Implementation

CARDIS '08 Proceedings of the 8th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications
A Unified Framework for the Analysis of Side-Channel Key Recovery Attacks

EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
An Efficient Method for Random Delay Generation in Embedded Software

CHES '09 Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems
Efficient use of random delays in embedded software

WISTP'07 Proceedings of the 1st IFIP TC6 /WG8.8 /WG11.2 international conference on Information security theory and practices: smart cards, mobile and ubiquitous computing systems
Analysis and improvement of the random delay countermeasure of CHES 2009

CHES'10 Proceedings of the 12th international conference on Cryptographic hardware and embedded systems
Defeating any secret cryptography with SCARE attacks

LATINCRYPT'10 Proceedings of the First international conference on Progress in cryptology: cryptology and information security in Latin America
Improving differential power analysis by elastic alignment

CT-RSA'11 Proceedings of the 11th international conference on Topics in cryptology: CT-RSA 2011
Building a side channel based disassembler

Transactions on computational science X
Formal framework for the evaluation of waveform resynchronization algorithms

WISTP'11 Proceedings of the 5th IFIP WG 11.2 international conference on Information security theory and practice: security and privacy of mobile devices in wireless communication
SCARE of the DES

ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
A stochastic model for differential side channel cryptanalysis

CHES'05 Proceedings of the 7th international conference on Cryptographic hardware and embedded systems
An AES smart card implementation resistant to power analysis attacks

ACNS'06 Proceedings of the 4th international conference on Applied Cryptography and Network Security
An efficient method for eliminating random delays in power traces of embedded software

ICISC'11 Proceedings of the 14th international conference on Information Security and Cryptology

Quantified Score

Hi-index	0.00

Visualization

Abstract

Inserting random delays in cryptographic implementations is often used as a countermeasure against side-channel attacks. Most previous works on the topic focus on improving the statistical distribution of these delays. For example, efficient random delay generation algorithms have been proposed at CHES 2009/2010. These solutions increase security against attacks that solve the lack of synchronization between different leakage traces by integrating them. In this paper, we demonstrate that integration may not be the best tool to evaluate random delay insertions. For this purpose, we first describe different attacks exploiting pattern-recognition techniques and Hidden Markov Models. Using these tools and as a case study, we perform successful key recoveries against an implementation of the CHES 2009/2010 proposal in an Atmel microcontroller, with the same data complexity as against an unprotected implementation of the AES Rijndael. In other words, we completely cancel the countermeasure in this case. Next, we show that our cryptanalysis tools are remarkably robust to attack improved variants of the countermeasure, e.g. with additional noise or irregular dummy operations. We also exhibit that the attacks remain applicable in a non-profiled adversarial scenario. These results suggest that the use of random delays may not be effective for protecting small embedded devices against side-channel leakage. They highlight the strength of Viterbi decoding against such time-randomization countermeasures, in particular when combined with a precise description of the target implementations, using large lattices.