Cryptology ePrint Archive: Report 2014/702

Defeating ISO9797-1 MAC Algo 3 by Combining Side-Channel and Brute Force Techniques

Benoit Feix and Hugues Thiebeauld

Abstract: Side-channel analysis is a well-known and efficient hardware technique to recover embedded secrets in microprocessors. Over the past years, the state-of-the-art side-channel attacks has significantly increased, leading to a myriad of vulnerability paths that secure codes must withstand. Nowadays most of the attacks target the cryptographic algorithms, but very few exploit the cryptographic protocol. In this paper, we present a new attack that exploits the information exchange at the cryptographic protocol level in order to disclose the secret key. This attack is applicable to the MAC calculations standardized in ISO/IEC 9797-1 especially the MAC algorithm 3 with the DES function. This protocol is spread in secure products nowadays, this is the case typically for some EMV implementations. By using a side-channel technique combined with a reasonable brute force effort, we show that the secret key can be fully retrieved even though the DES implementation seems to be well-protected against side-channel attacks.

Category / Keywords: side-channel analysis, DES, MAC ISO/IEC 9797-1, exhaustive search.

Date: received 5 Sep 2014, last revised 5 Sep 2014

Contact author: benoit feix at ul com

Available format(s): PDF | BibTeX Citation

Version: 20140905:191135 (All versions of this report)

Short URL: ia.cr/2014/702

Discussion forum: Show discussion | Start new discussion