Paper 2017/1195
CAPA: The Spirit of Beaver against Physical Attacks
Oscar Reparaz and Lauren De Meyer and Begül Bilgin and Victor Arribas and Svetla Nikova and Ventzislav Nikov and Nigel Smart
Abstract
In this paper, we introduce CAPA: a combined countermeasure against physical attacks. Our countermeasure provides security against higher-order SCA, multiple-shot DFA and combined attacks, scales to arbitrary protection order and is suitable for implementation in embedded hardware and software. The methodology is based on an attack model which we call tile-probe-and-fault, which is an extension (in both attack surface and capabilities) of prior work such as the wire-probe model. The tile-probe-and-fault leads one to naturally look (by analogy) at actively secure multi-party computation protocols such as SPDZ. We detail several proof-of-concept designs using the CAPA methodology: a hardware implementation of the KATAN and AES block ciphers, as well as a software bitsliced AES S-box implementation. We program a second-order secure version of the KATAN design into a Spartan-6 FPGA and perform a side-channel evaluation. No leakage is detected with up to 18 million traces. We also deploy a second-order secure software AES S-box implementation into an ARM Cortex-M4. Neither first- nor second-order leakage is detected with up to 200 000 traces. Both our implementations can detect faults within a strong adversarial model with arbitrarily high probability.
Note: Added Acknowledgements Section
Metadata
- Publication info
- Preprint. MINOR revision.
- Keywords
- MPC, masking, SCA, DFA, countermeasure, threshold implementation, AES, KATAN, leakage, physical attacks, side-channel, SCA
- Contact author(s)
- lauren demeyer @ esat kuleuven be
- History
- 2018-06-11: last of 2 revisions
- 2017-12-18: received
- Short URL
- https://ia.cr/2017/1195
- License
- CC BY