Cryptology ePrint Archive: Report 2015/411

Side-Channel Analysis of MAC-Keccak Hardware Implementations

Pei Luo and Yunsi Fei and Xin Fang and A. Adam Ding and David R. Kaeli and Miriam Leeser

Abstract: As Keccak has been selected as the new SHA-3 standard, Message Authentication Code (MAC) (MAC-Keccak) using a secret key will be widely used for integrity checking and authenticity assurance. Recent works have shown the feasibility of side-channel attacks against software implementations of MAC-Keccak to retrieve the key, with the security assessment of hardware implementations remaining an open problem. In this paper, we present a comprehensive and practical side-channel analysis of a hardware implementation of MAC-Keccak on FPGA. Different from previous works, we propose a new attack method targeting the first round output of MAC-Keccak rather than the linear operation $\theta$ only. The results on sampled power traces show that the unprotected hardware implementation of MAC-Keccak is vulnerable to side-channel attacks, and attacking the nonlinear operation of MAC-Keccak is very effective. We further discuss countermeasures against side-channel analysis on hardware MAC-Keccak. Finally, we discuss the impact of the key length on side-channel analysis and compare the attack complexity between MAC-Keccak and other cryptographic algorithms.

Category / Keywords: implementation / side-channel attacks, SHA-3

Original Publication (with minor differences): Hardware and Architectural Support for Security and Privacy (HASP) 2015

Date: received 30 Apr 2015

Contact author: silenceluo at gmail com

Available format(s): PDF | BibTeX Citation

Version: 20150501:122034 (All versions of this report)

Short URL: ia.cr/2015/411

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]