Paper 2015/717

Towards Secure Cryptographic Software Implementation Against Side-Channel Power Analysis Attacks

Pei Luo, Liwei Zhang, Yunsi Fei, and A. Adam Ding

Abstract

Side-channel attacks have been a real threat against many critical embedded systems that rely on cryptographic algorithms as their security engine. A commonly used algorithmic countermeasure, random masking, incurs large execution delay and resource overhead. The other countermeasure, operation shuffling or permutation, can mitigate side-channel leakage effectively with minimal overhead. In this paper, we target utilizing the independence among operations in cryptographic algorithms and randomizing their execution order. We design a tool to automatically detect such independence between statements at the source code level and devise an algorithm for automatic operation shuffling. We test our algorithm on the new SHA3 standard, Keccak. Results show that the tool has effectively implemented operation-shuffling to reduce the side-channel leakage significantly, and therefore can guide automatic secure cryptographic software implementations against differential power analysis attacks.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published elsewhere. Major revision. 26th IEEE International Conference on Application-specific Systems, Architectures and Processors
Contact author(s)
silenceluo @ gmail com
History
2015-07-20: received
Short URL
https://ia.cr/2015/717
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/717,
      author = {Pei Luo and Liwei Zhang and Yunsi Fei and A.  Adam Ding},
      title = {Towards Secure Cryptographic Software Implementation Against Side-Channel Power Analysis Attacks},
      howpublished = {Cryptology ePrint Archive, Paper 2015/717},
      year = {2015},
      note = {\url{https://eprint.iacr.org/2015/717}},
      url = {https://eprint.iacr.org/2015/717}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.