Paper 2016/1149
Exploiting Safe Error based Leakage of RFID Authentication Protocol using Hardware Trojan Horse
Krishna Bagadia, Urbi Chatterjee, Debapriya Basu Roy, Debdeep Mukhopadhyay, and Rajat Subhra Chakraborty
Abstract
Radio-Frequency Identification tags are used for several applications requiring authentication mechanisms, which if subverted can lead to dire consequences. Many of these devices are based on low-cost Integrated Circuits which are designed in off-shore fabrication facilities and thus raising concerns about their trust. Recently, a lightweight entity authentication protocol called LCMQ was proposed, which is based on Learning Parity with Noise, Circulant Matrix, and Multivariate Quadratic problems. This protocol was proven to be secure against Man-in-the-middle attack and cipher-text only attacks. In this paper, we show that in the standard setting, although the authentication uses two $m$ bit keys, $\mathbf{K_1}$ and $\mathbf{K_2}$, knowledge of only $\mathbf{K_2}$ is sufficient to forge the authentication. Based on this observation, we design a stealthy malicious modification to the circuitry based on the idea of Safe-errors to leak $\mathbf{K_2}$ and thus can be used to forge the entire authentication mechanism. We develop a Field Programmable Gate Array prototype of the design which is extremely lightweight and can be implemented using four Lookup tables.
Metadata
- Available format(s)
- Category
- Implementation
- Publication info
- Preprint. MINOR revision.
- Keywords
- Hardware Trojan HorseLCMQSafe Error
- Contact author(s)
- krishna bagadia2 @ gmail com
- History
- 2016-12-21: received
- Short URL
- https://ia.cr/2016/1149
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2016/1149, author = {Krishna Bagadia and Urbi Chatterjee and Debapriya Basu Roy and Debdeep Mukhopadhyay and Rajat Subhra Chakraborty}, title = {Exploiting Safe Error based Leakage of {RFID} Authentication Protocol using Hardware Trojan Horse}, howpublished = {Cryptology {ePrint} Archive, Paper 2016/1149}, year = {2016}, url = {https://eprint.iacr.org/2016/1149} }