Paper 2013/842

Detecting Hidden Leakages

Amir Moradi, Sylvain Guilley, and Annelie Heuser

Abstract

Reducing the entropy of the mask is a technique which has been proposed to mitigate the high performance overhead of masked software implementations of symmetric block ciphers. Rotating S-box Masking (RSM) is an example of such schemes applied to AES with the purpose of maintaining the security at least against univariate first-order side-channel attacks. This article examines the vulnerability of a realization of such a technique using the side-channel measurements publicly available through the DPA contest V4. Our analyses, which focus on exploiting the first-order leakage of the implementation, discover a couple of potential attacks which can recover the secret key. Indeed, the leakage we exploit is due to a design mistake as well as the characteristics of the implementation platform, none of which has been considered during the design of the countermeasure (implemented in naive C code).

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. ACNS 2014
Keywords
side-channel analysis, leakage detection, variance test, NICV, correlation-collision, CPA, hidden models, linear regression
Contact author(s)
amir moradi @ rub de
History
2014-03-28: revised
2013-12-17: received
Short URL
https://ia.cr/2013/842
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2013/842,
      author = {Amir Moradi and Sylvain Guilley and Annelie Heuser},
      title = {Detecting Hidden Leakages},
      howpublished = {Cryptology ePrint Archive, Paper 2013/842},
      year = {2013},
      note = {\url{https://eprint.iacr.org/2013/842}},
      url = {https://eprint.iacr.org/2013/842}
}