Paper 2014/702

Defeating ISO9797-1 MAC Algo 3 by Combining Side-Channel and Brute Force Techniques

Benoit Feix and Hugues Thiebeauld

Abstract

Side-channel analysis is a well-known and efficient hardware technique to recover embedded secrets in microprocessors. Over the past years, the state-of-the-art side-channel attacks has significantly increased, leading to a myriad of vulnerability paths that secure codes must withstand. Nowadays most of the attacks target the cryptographic algorithms, but very few exploit the cryptographic protocol. In this paper, we present a new attack that exploits the information exchange at the cryptographic protocol level in order to disclose the secret key. This attack is applicable to the MAC calculations standardized in ISO/IEC 9797-1 especially the MAC algorithm 3 with the DES function. This protocol is spread in secure products nowadays, this is the case typically for some EMV implementations. By using a side-channel technique combined with a reasonable brute force effort, we show that the secret key can be fully retrieved even though the DES implementation seems to be well-protected against side-channel attacks.

Metadata
Available format(s)
PDF
Publication info
Preprint. MINOR revision.
Keywords
side-channel analysisDESMAC ISOIEC 9797-1exhaustive search.
Contact author(s)
benoit feix @ ul com
History
2014-09-05: received
Short URL
https://ia.cr/2014/702
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2014/702,
      author = {Benoit Feix and Hugues Thiebeauld},
      title = {Defeating {ISO9797}-1 {MAC} Algo 3 by Combining Side-Channel and Brute Force Techniques},
      howpublished = {Cryptology {ePrint} Archive, Paper 2014/702},
      year = {2014},
      url = {https://eprint.iacr.org/2014/702}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.