Cryptology ePrint Archive: Report 2017/1144

How Far Can We Reach? Breaking Masked AES Smartcard Implementation Using One Trace

Wei Cheng and Chao Zheng and Yuchen Cao and Yongbin Zhou and Hailong Zhang and Sylvain Guilley and Laurent Sauvage

Abstract: Rotating Sbox Masking (RSM) scheme is a highly efficient masking scheme proposed to protect cryptographic implementations from side channel attacks. It is a Low Entropy Masking Scheme and has attracted special attention for its low overhead but high performance. The two public targets of international academic competition DPA Contest v4 are both RSM-masked AES implementations, specifically, RSM-AES-256 for v4.1 and RSM-AES-128 for v4.2 respectively. The side channel security of RSM-AES-256 was intensively studied by researchers worldwide under the framework of DPA Contest and several flaws were identified, while the security of RSM-AES-128 is still not thoroughly studied. In this paper, we focus on analyzing the practical security of RSM-AES-128 from a profiling attack point of view. Specifically, we firstly present a Multivariate Template Attack (MTA) to maximize the success rates of key recovery attack. Next, we propose a new Depth-First Key Enumeration Algorithm (DFKEA) that could be applied to find the correct key efficiently after a side channel attack. By integrating the DFKEA to our MTA, we propose a novel multivariate profiling attack which could recover the whole secret key of RSM-AES-128 with over 95% possibility only using one electromagnetic trace. It is the best attack among all attacks submitted to DPA Contest Official up to now. Finally, we present one proposal to further improve the practical security of RSM-AES-128 at an acceptable overhead.

Category / Keywords: implementation / Side Channel Attacks, Template Attack, DPA Contest, Countermeasures, Rotating Sbox Masking Scheme, Shuffling Scheme

Date: received 24 Nov 2017, last revised 14 Mar 2019

Contact author: wei cheng at telecom-paristech fr

Available format(s): PDF | BibTeX Citation

Version: 20190314:232547 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]