Part of the book series:Lecture Notes in Computer Science ((LNSC,volume 6212))
Abstract
This article aims to show that side-channel analyses are powerful tools for reverse engineering. We present two new attacks that require only known plaintext or ciphertext. The first targets a stream cipher and shows how an attacker can recover the unknown linear parts of an algorithm, in our case the parameters of a Linear Feedback Shift Register. The second technique makes it possible to retrieve an unknown non-linear function such as a substitution box. It can be applied to every kind of symmetric algorithm (typically a Feistel or Substitution Permutation Network) and also to stream ciphers.
Twelve years after the first publication on side-channel attacks, we show that the potential of these analyses was initially seriously underestimated. Every cryptographic algorithm, whether public or secret, is at risk once it is implemented in a device accessible to an attacker. This illustrates how vulnerable cryptography is without trusted, tamper-proof hardware support.
Author information
Authors and Affiliations
CNRS LTCI (UMR 5141) Département COMELEC, Institut TELECOM, TELECOM ParisTech, 46 rue Barrault 75 634, PARIS Cedex 13, France
Sylvain Guilley & Laurent Sauvage
DGA CELAR, La Roche Marguerite, 35 174 Bruz, France
Julien Micolod, Denis Réal & Frédéric Valette
Editor information
Editors and Affiliations
Computer Science Department, École Normale Supérieure, 45 Rue d’Ulm, 75230, Paris Cedex 05, France
Michel Abdalla
Computer Architecture and Networking Laboratory (LARC), Universidade de São Paulo, Av. Prof. Luciano Gualberto, trav.3, n.158, 05508-900, São Paulo (SP), Brazil
Paulo S. L. M. Barreto
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
Cite this paper
Guilley, S., Sauvage, L., Micolod, J., Réal, D., Valette, F. (2010). Defeating Any Secret Cryptography with SCARE Attacks. In: Abdalla, M., Barreto, P.S.L.M. (eds) Progress in Cryptology – LATINCRYPT 2010. LATINCRYPT 2010. Lecture Notes in Computer Science, vol 6212. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-14712-8_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-14711-1
Online ISBN: 978-3-642-14712-8