Paper 2017/382

A General Degenerate Grouping Power Attack with Specific Application to SIMON and SPECK

Steven Cavanaugh

Abstract

A Degenerate Grouping Power Attack (DGPA) is a type of Partitioning Power Analysis (PPA) used to extract secret keys from the power sidechannel signal of an encryption algorithm running on a device along with some known and varying information such as the associated plaintext or ciphertext associated with each encryption. The DGPA is applied to SIMON and SPECK implementations on MSP430, PIC16F, and Spartan 6 platforms in this work. While keys are successfully recovered from unprotected implementations, guidance is given on a minimum number of rounds, $d$, to perform per clock cycle in FPGAs and ASICs as to mitigate against such attacks for a deployment dependent maximum quantity of data which is to be encrypted with a given key. On the Spartan 6, full key recovery of SIMON 64/128 $$ and SPECK 64/128 $$ is trivially achieved in seconds with no more than one million random plaintexts, requiring the use of larger $$ for most implementations. The amount of work to recover a key as a function of the amount of collected data encrypted with that key is explored. To ensure security when performing most modes of block cipher operation with an algorithm having block size $$, a particular key should be used to perform no more than $$ encryptions. A feasible key recovery requiring less than 80-bits of work and data from less than $$ encryptions is excluded for SIMON 64/128 implementations having $$ and for SPECK 64/128 implementations having $$. The DGPA attack method is demonstrated to succeed against a limited data set consisting of one power sample per device clock cycle against a specifically targeted instruction. This provides a basis for a low power field deployed power side channel signal capture hardware for embedded key recovery and exfiltration.