Paper 2010/385

First-Order Side-Channel Attacks on the Permutation Tables Countermeasure –Extended Version–

Emmanuel Prouff and Robert McEvoy

Abstract

The use of random permutation tables as a side-channel attack countermeasure was recently proposed by Coron [6]. The countermeasure operates by ensuring that during the execution of an algorithm, each intermediate variable that is handled is in a permuted form described by the random permutation tables. In this paper, we examine the application of this countermeasure to the AES algorithm as described in [6], and show that certain operations admit first-order side-channel leakage. New side-channel attacks are developed to exploit these flaws, using correlation-based and mutual information-based methods. The attacks have been verified in simulation, and in practice on a smart card.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published elsewhere. A short version of this paper has been published in the proceedings of CHES 2009 conference.
Keywords
Side Channel AttackCountermeasureAES
Contact author(s)
e prouff @ oberthur com
History
2010-07-07: received
Short URL
https://ia.cr/2010/385
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2010/385,
      author = {Emmanuel Prouff and Robert McEvoy},
      title = {First-Order Side-Channel Attacks on the Permutation Tables Countermeasure –Extended Version–},
      howpublished = {Cryptology ePrint Archive, Paper 2010/385},
      year = {2010},
      note = {\url{https://eprint.iacr.org/2010/385}},
      url = {https://eprint.iacr.org/2010/385}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.