Paper 2017/663

Securing Memory Encryption and Authentication Against Side-Channel Attacks Using Unprotected Primitives

Thomas Unterluggauer, Mario Werner, and Stefan Mangard

Abstract

Memory encryption is used in many devices to protect memory content from attackers with physical access to a device. However, many current memory encryption schemes can be broken using Differential Power Analysis (DPA). In this work, we present MEAS---the first Memory Encryption and Authentication Scheme providing security against DPA attacks. The scheme combines ideas from fresh re-keying and authentication trees by storing encryption keys in a tree structure to thwart first-order DPA without the need for DPA-protected cryptographic primitives. Therefore, the design strictly limits the use of every key to encrypt at most two different plaintext values. MEAS prevents higher-order DPA without changes to the cipher implementation by using masking of the plaintext values. MEAS is applicable to all kinds of memory, e.g., NVM and RAM, and has memory overhead comparable to existing memory authentication techniques without DPA protection, e.g., 7.3% for a block size fitting standard disk sectors.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Published elsewhere. ASIA CCS 2017
DOI
10.1145/3052973.3052985
Keywords
side-channel attackDPAmemoryencryptionauthentication
Contact author(s)
thomas unterluggauer @ iaik tugraz at
History
2017-07-05: received
Short URL
https://ia.cr/2017/663
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2017/663,
      author = {Thomas Unterluggauer and Mario Werner and Stefan Mangard},
      title = {Securing Memory Encryption and Authentication Against  Side-Channel Attacks Using Unprotected Primitives},
      howpublished = {Cryptology ePrint Archive, Paper 2017/663},
      year = {2017},
      doi = {10.1145/3052973.3052985},
      note = {\url{https://eprint.iacr.org/2017/663}},
      url = {https://eprint.iacr.org/2017/663}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.