Paper 2017/254

Towards Easy Key Enumeration

Changhai Ou, Degang Sun, Zhu Wang, and Xinping Zhou

Abstract

Key enumeration solutions are post-processing schemes for the output sequences of side channel distinguishers, whose application is hindered by very large key candidate spaces and computation power requirements. The attacker may spend several days or months enumerating a huge key space (e.g. $2^{40}$). In this paper, we aim at pre-processing and reducing the key candidate space by deleting impossible key candidates before enumeration. A new distinguisher named Group Collision Attack (GCA) is given. Moreover, we introduce key verification into key recovery and propose a new divide and conquer strategy named Key Grouping Enumeration (KGE). KGE divides the huge key space into several groups and uses GCA to delete impossible key combinations and output possible ones in each group. KGE then recombines the remaining key candidates of each group using verification. The number of remaining key candidates becomes much smaller through these two impossible key candidate deletion steps, with a small amount of computation. Thus, the attacker can use KGE as a pre-processing tool for key enumeration and enumerate the key more easily and quickly in a much smaller candidate space.

Metadata

Available format(s): PDF
Category: Implementation
Publication info: Preprint. MINOR revision.
Keywords: key enumeration, KGE, Group Collision Attack, DPA contest v4, divide and conquer, side channel attack
Contact author(s): ouchanghai @ iie ac cn
History:
2017-08-22: revised
2017-03-20: received
Short URL: https://ia.cr/2017/254
License: Creative Commons Attribution (CC BY)

BibTeX

@misc{cryptoeprint:2017/254,
      author = {Changhai Ou and Degang Sun and Zhu Wang and Xinping Zhou},
      title = {Towards Easy Key Enumeration},
      howpublished = {Cryptology ePrint Archive, Paper 2017/254},
      year = {2017},
      note = {\url{https://eprint.iacr.org/2017/254}},
      url = {https://eprint.iacr.org/2017/254}
}