Paper 2016/1149

Exploiting Safe Error based Leakage of RFID Authentication Protocol using Hardware Trojan Horse

Krishna Bagadia, Urbi Chatterjee, Debapriya Basu Roy, Debdeep Mukhopadhyay, and Rajat Subhra Chakraborty

Abstract

Radio-Frequency Identification tags are used for several applications requiring authentication mechanisms, which if subverted can lead to dire consequences. Many of these devices are based on low-cost Integrated Circuits which are designed in off-shore fabrication facilities and thus raising concerns about their trust. Recently, a lightweight entity authentication protocol called LCMQ was proposed, which is based on Learning Parity with Noise, Circulant Matrix, and Multivariate Quadratic problems. This protocol was proven to be secure against Man-in-the-middle attack and cipher-text only attacks. In this paper, we show that in the standard setting, although the authentication uses two $m$ bit keys, $\mathbf{K_1}$ and $\mathbf{K_2}$, knowledge of only $\mathbf{K_2}$ is sufficient to forge the authentication. Based on this observation, we design a stealthy malicious modification to the circuitry based on the idea of Safe-errors to leak $\mathbf{K_2}$ and thus can be used to forge the entire authentication mechanism. We develop a Field Programmable Gate Array prototype of the design which is extremely lightweight and can be implemented using four Lookup tables.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Preprint. MINOR revision.
Keywords
Hardware Trojan HorseLCMQSafe Error
Contact author(s)
krishna bagadia2 @ gmail com
History
2016-12-21: received
Short URL
https://ia.cr/2016/1149
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2016/1149,
      author = {Krishna Bagadia and Urbi Chatterjee and Debapriya Basu Roy and Debdeep Mukhopadhyay and Rajat Subhra Chakraborty},
      title = {Exploiting Safe Error based Leakage of RFID Authentication Protocol using Hardware Trojan Horse},
      howpublished = {Cryptology ePrint Archive, Paper 2016/1149},
      year = {2016},
      note = {\url{https://eprint.iacr.org/2016/1149}},
      url = {https://eprint.iacr.org/2016/1149}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.