Impact of Compiler Optimization Flags on Side-Channel Information Leakage of SipHash algorithm
Authors
Olekšák, M.; Miškovský, V.
Year
2024
Published
Proceedings of the 2024 27th Euromicro Conference on Digital System Design. Los Alamitos: IEEE Computer Society, 2024. p. 51-56. ISSN 2771-2508. ISBN 979-8-3503-8038-5.
Type
Proceedings paper
Departments
Annotation
This work presents an experimental evaluation of influence of compiler optimization flags on side-channel information leakage. SipHash was used as a reference algorithm an ARX-based pseudorandom function optimized for short inputs. ChipWhisperer CW308 with various targets was used for the evaluation using guessing entropy of CPA and Welch's t-test. The main contribution of this paper is analysis of impact of each flag and its suitability for implementations minimizing side-channel leakage.
Is ASCON the best choice regarding the Side-channel Analysis?
Authors
Olekšák, M.; Miškovský, V.
Year
2023
Published
Proceedings of 2023 12th Mediterranean Conference on Embedded Computing (MECO). Piscataway: IEEE, 2023. p. 173-177. ISSN 2637-9511. ISBN 979-8-3503-2291-0.
Type
Proceedings paper
Departments
Annotation
The National Institute of Standards and Technology (NIST) started challenge for
the new standard of lightweight encryption to meet the requirements of IoT
devices. One of the requirements for the upcoming standard was resistance
against side-channel attacks. This year, they chose ASCON as the winner from
the final ten. In this work, we present an overview of each finalist and
how ASCON stands against the other finalists regarding side-channel attacks
resistance in the research to date.
A Comprehensive Survey on the Non-Invasive Passive Side-Channel Analysis
Authors
Year
2022
Published
Sensors. 2022, 22(21), ISSN 1424-8220.
Type
Article
Departments
Annotation
Side-channel analysis has become a widely recognized threat to the security of cryptographic implementations. Different side-channel attacks, as well as countermeasures, have been proposed in the literature. Such attacks pose a severe threat to both hardware and software cryptographic implementations, especially in the IoT environment where the attacker may easily gain physical access to a device, leaving it vulnerable to tampering. In this paper, we provide a comprehensive survey regarding the non-invasive passive side-channel analysis. We describe both non-profiled and profiled attacks, related security metrics, countermeasures against such attacks, and leakage-assessment methodologies, as available in the literature of more than twenty years of research.
A fair experimental evaluation of distance correlation side-channel distinguisher
Authors
Year
2022
Published
Proceedings of the 11th Mediterranean Conference on Embedded Computing (MECO 2022). Institute of Electrical and Electronics Engineers, Inc., 2022. p. 110-113. ISSN 2377-5475. ISBN 978-1-6654-6828-2.
Type
Proceedings paper
Departments
Annotation
Side-channel attacks pose a severe threat to crypto graphic implementations, allowing the attacker to recover secret information based on physical observations of the cryptographic device. Correlation Power Analysis is considered to be one of the most powerful attacks in the non-profiled scenario. In this paper, we consider the distance/Brownian correlation instead of the traditionally used Pearson coefficient. We give a fair comparison of our novel approach attacking AES on three different FPGA platforms and we discuss the distance correlation potential in the context of side-channel analysis.
Correlation Power Analysis of SipHash
Authors
Olekšák, M.; Miškovský, V.
Year
2022
Published
Proceedings of the 2022 25th International Symposium on Design and Diagnostics of Electronic Circuits and Systems (DDECS). Piscataway: IEEE, 2022. p. 84-87. ISSN 2473-2117. ISBN 978-1-6654-9431-1.
Type
Proceedings paper
Departments
Annotation
SipHash is ARX-based pseudorandom function optimized for short inputs. It was developed as a hash table lookup function, but it is also used for MAC generation. At the time of writing, there was no side-channel attack on SipHash known to us. This work is about application of CPA attack on SipHash. Attack was performed on ChipWhisperer CW308 UFO Board with STM32F0 target. Approximately 800 power traces were needed for succesful attack. Leakage information from XOR was used to attack cipher key. The main contribution of this work is power model of binary addition including carry propagation.
High-level synthesis, cryptography, and side-channel countermeasures: A comprehensive evaluation
Authors
Year
2021
Published
Microprocessors and Microsystems. 2021, 85 1-13. ISSN 0141-9331.
Type
Article
Departments
Annotation
Side-channel attacks pose a severe threat to both software and hardware cryptographic implementations. Current literature presents various countermeasures against these kinds of attacks, based on approaches such as hiding or masking, implemented either in software, or on register-transfer level or gate level in hardware. However, emerging trends in hardware design lean towards a system-level approach, allowing for faster, less error-prone, design process, an efficient hardware/software co-design, or sophisticated validation, verification, and (co)simulation strategies. In this paper, we propose a Boolean masking scheme suitable for high-level synthesis of substitution-permutation network-based encryption. We implement both unprotected and protected PRESENT, AES/Rijndael and Serpent encryption in C language, utilizing the concept of dynamic logic reconfiguration, synthesize it for Xilinx FPGA, and we compare our results regarding time and area utilization. We evaluate the effectiveness of proposed countermeasures using both specific and non-specific t-test leakage assessment methodology. We discuss the leakage assessment results, and we identify and discuss the related limitations of the system-level approach and the high-level synthesis.
Secure and dependable: Area-efficient masked and fault-tolerant architectures
Authors
Year
2021
Published
Proceedings of the 2021 24th Euromicro Conference on Digital System Design. Los Alamitos: IEEE Computer Society, 2021. p. 333-338. ISBN 978-1-6654-2703-6.
Type
Proceedings paper
Departments
Annotation
Masking is a powerful instrument for protecting cryptographic devices against side-channel analysis. Multiple masking schemes were introduced providing provable security
against attacks of arbitrary order even in the presence of glitches. When a device is a part of some safety-critical system, it needs to meet dependability requirements; therefore, it should be protected against spontaneously occurring faults. Existing commonly used fault-tolerance architectures involve high area overhead as so as the masking schemes do. In this paper, we propose architectures meeting dependability properties of simple modular-redundancy schemes and SCA resistance of masking schemes, but decreasing the area overhead utilizing the randomness involved in the masking schemes.
We compare our Masked Duplex architecture with Triple Modular Redundancy. While using one less redundant module, our architecture saves around 20% of the area in comparison with TMR in the case of Threshold Implementation of PRESENT cipher, promising more savings for more complex cryptographic schemes
Efficient algorithmic evaluation of correlation power analysis: Key distinguisher based on the correlation trace derivative
Authors
Year
2019
Published
Microprocessors and Microsystems. 2019, 2019(71), 1-8. ISSN 0141-9331.
Type
Article
Departments
Annotation
Correlation power analysis (CPA) is one of the most common side-channel attacks today, posing a threat to many modern ciphers, including AES. In the final step of this attack, the cipher key is usually extracted by the attacker by visually examining the correlation traces for each key guess. The naïve way to extract the correct key algorithmically is selecting the key guess with the maximum Pearson correlation coefficient.
We propose another key distinguisher based on a significant change in the correlation trace rather than on the absolute value of the coefficient. Our approach performs better than the standard maximization, especially in the noisy environment, and it allows to significantly reduce the number of acquired power traces necessary to successfully mount an attack in noisy environment, and in some cases make the attack even feasible.
First-Order and Higher-Order Power Analysis: Computational Approaches and Aspects
Authors
Year
2019
Published
Proceedings of the 8th Mediterranean Conference on Embedded Computing - MECO'2019. Institute of Electrical and Electronics Engineers, Inc., 2019. p. 83-87. ISSN 2377-5475. ISBN 978-1-7281-1739-3.
Type
Proceedings paper
Departments
Annotation
Side-channel analysis pose a serious threat to many modern cryptosystems. Using Correlation power analysis, attacker may be able to recover the cipher key and therefore jeopardize the whole cryptosystem, which is why many countermeasures are being developed. These countermeasures are typically effective against first-order attacks. However, protected implementations may still be vulnerable to higher-order analysis. In this paper, we compare different approaches to the higher-order analysis regarding their mathematical and performance properties. We focus on Correlation power analysis attack and the test vector leakage assesment using Welch’s t-test, we optimize and accelerate discussed algorithms using CPU and GPU, and we present our experimental results and remarks
SICAK: An open-source SIde-Channel Analysis toolKit
Authors
Year
2019
Published
8th Workshop on Trustworthy Manufacturing and Utilization of Secure Devices (TRUDEVICE 2019). Karlsruhe Institute of Technology, 2019.
Type
Proceedings paper
Departments
Annotation
Side-channel cryptanalysis pose a serious threat to many modern cryptographic systems. Typical scenario of a side-channel attack consists of an active phase, where data are acquired, and of an analytical phase, where the data get examined and evaluated. This work presents a software toolkit which includes support for both phases of the side-channel attack. The toolkit consists of non-interactive text-based utilities with modular plug-in architecture. The measurement utility supports different oscilloscopes, target interfaces and measurement scenarios. The evaluation utilities include support for the test vector leakage assessment and the CPA attack. Different approaches to the algorithmical evaluation of the attack are implemented in order to extract the cipher key. The visualisation utility allows for the visual examination of the attack results by the user. The toolkit aims to be multiplatform and it is written using C/C++ with performance in mind. Time-demanding operations (such as the statistical analysis) are accelerated using OpenMP and OpenCL for an efficient computation on both CPU and GPU devices.
Side-channel analysis: efficient implementations and fault-tolerant countermeasures
Authors
Year
2019
Published
Sborník příspěvků PAD 2019 – elektronická verze. Praha: AMCA spol. s r.o., 2019. p. 68-72. ISBN 978-80-88214-20-5.
Type
Proceedings paper
Departments
Annotation
This work summarizes the author's research in the area of side-channel analysis. It focuses on two main topics: efficient implementations of attacks and fault-tolerant countermeasures. Published results of the author are briefly presented and recent unpublished results dedicated to fault-tolerant architectures exploiting randomness of masking schemes to decrease the overhead are described. The structure of this paper corresponds to the structure of author's forthcoming dissertation thesis.
Correlation Power Analysis Distinguisher Based on the Correlation Trace Derivative
Authors
Year
2018
Published
Proceedings of the 21st Euromicro Conference on Digital System Design. Piscataway: IEEE, 2018. p. 565-568. ISBN 978-1-5386-7376-8.
Type
Proceedings paper
Departments
Annotation
Correlation power analysis (CPA) is one of the most common side channel attacks today, posing a threat to many modern ciphers, including AES. The simplest method to extract the correct key guess is selecting the guess with the maximum Pearson correlation coefficient. We propose another distinguisher based on a significant change in the correlation trace rather than on the absolute value of the coefficient. Our approach performs better than the standard CPA, especially in the noisy environment.
Dummy Rounds as a DPA countermeasure in hardware
Authors
Year
2018
Published
Proceedings of the 21st Euromicro Conference on Digital System Design. Piscataway: IEEE, 2018. p. 523-528. ISBN 978-1-5386-7376-8.
Type
Proceedings paper
Departments
Annotation
This paper describes the technique of Dummy Rounds as a countermeasure against DPA in hardware implementation of round-based ciphers. Its principle is inspired by several well-known countermeasures used in hardware as Hiding and Dynamic Reconfiguration as well as countermeasures used in software implementations as Dummy cycles, Random order execution or Hiding in time. Being inspired by countermeasures based on dynamic reconfiguration, this method combines hiding of power consumption with hiding in time. In this work we also discuss the amount of randomness available for the control of the computation.
Speeding up differential power analysis using integrated power traces
Authors
Year
2018
Published
2018 7th Mediterranean Conference on Embedded Computing (MECO). Piscataway: IEEE, 2018. p. 19-23. ISBN 978-1-5386-5683-9.
Type
Proceedings paper
Departments
Annotation
Side-channel attacks, including differential power analysis (DPA), are still an emerging topic. To make a deep research about DPA, one needs to be able to perform it as fast as possible. There are many possible ways to decrease the time of the attack. In this paper, we propose a way to decrease the duration of the correlation computations of this kind of attack by decreasing the number of samples per a power trace using an integration based aggregation method. We comprehensively describe this idea and present the results of an experimental evaluation focusing on the time efficiency of this approach.
Digital Design Connecting Fault Tolerance and Attack Resistance
Authors
Year
2017
Published
Počítačové architektúry & diagnostika PAD 2017 - Zborník príspevkov. Bratislava: STU Scientific, 2017. pp. 43-46. ISBN 978-80-972784-0-3.
Type
Invited/Awarded proceedings paper
Departments
Annotation
Fault tolerance and attack resistance are design properties possibly demanded at the same time. There are many design methods providing one of these properties, but in both cases they introduce considerable area and power overhead. Unfortunately, the overhead of fault tolerant design could negatively influence the attack resistance and vice versa, the overhead of attack resistant design could negatively influence the fault tolerance. The main aim of this research is determination of the mutual influence and suggestion of new design methods combining both fault tolerance and attack resistance.
Influence of Fault-Tolerance Techniques on Power-Analysis Resistance of Cryptographic Design
Authors
Year
2017
Published
Proc. of the 20th Euromicro Conference on Digital System Design. Piscataway, NJ: IEEE, 2017. p. 260-267. ISBN 978-1-5386-2146-2.
Type
Proceedings paper
Departments
Annotation
As the security is becoming more and more important
these days, we still should not forget about reliability. When
designing a cryptographic device for some mission-critical or
another reliability demanding system, we need to make the device
not only attack-resistant, but also fault-tolerant. There are many
common fault-tolerant digital design techniques, however, it is
questionable, how these techniques affect the attack-resistance.
Do they make the device more vulnerable e.g. to side-channel
attacks?
In our work we focused on finding the answer to this question.
We experimentally evaluated the influence of information
redundancy, space redundancy and time redundancy techniques
on resistance against power analysis attack. In this paper we
present our observations.
Influence of passive hardware redundancy on differential power analysis resistance of AES cipher implemented in FPGA
Authors
Year
2017
Published
Microprocessors and Microsystems. 2017, 2017(51), 220-226. ISSN 0141-9331.
Type
Article
Departments
Annotation
Many electronic systems have to fulfill strict dependability properties, especially both fault tolerance and attack resistance. Intuitively, these requirements may seem to contradict each other. A study and an experiment description of the possible methods how to measure these impacts as well as result of first experiments are presented in this paper. Specifically, how basic passive hardware redundancy design methods affects resistance against differential power analysis attack and how the whole design can be modified to increase attack resistance will be discussed.
Optimization of Pearson correlation coefficient calculation for DPA and comparison of different approaches
Authors
Year
2017
Published
Proceedings of the 2017 IEEE 20th International Symposium on Design and Diagnotics of Electronic Circuit & Systems. Piscataway, NJ: IEEE, 2017. p. 184-189. ISSN 2473-2117. ISBN 978-1-5386-0472-4.
Type
Proceedings paper
Departments
Annotation
Differential power analysis (DPA) is one of the most common side channel attacks. To perform this attack we need to calculate a large amount of correlation coefficients. This amount is even higher when attacking FPGAs or ASICs, for higher order attacks and especially for attacking DPA protected devices. This article explains different approaches to the calculation of correlations, describes our implementation of these approaches and presents a detailed comparison considering their performance and their properties for a practical usage.
Digital Design Connecting Attack Resistance and Fault Tolerance
Authors
Year
2016
Published
Počítačové Architektury & Diagnostika PAD 2016 - Sborník příspěvků. Brno: Vysoké učení technické v Brně, 2016. p. 53-56. ISBN 978-80-214-5376-0.
Type
Proceedings paper
Departments
Annotation
This research is about possibilities of connecting fault tolerant and attack resistant digital design methods. These properties often contradict each other and both of them cause high area and power consumption overhead. We currently focus on mutual influence of these properties and our future objective is to find some new design method increasing both fault tolerance and attack resistance at the same time.
Influence of fault-tolerant design methods on differential power analysis resistance of AES cipher: Methodics and challenges
Authors
Year
2016
Published
Proceedings of the 5th Mediterranean Conference on Embedded Computing (MECO 2016). Piscataway: Institute of Electrical and Electronics Engineers, 2016. p. 14-17. ISSN 2377-5475. ISBN 978-1-5090-2221-2.
Type
Proceedings paper
Departments
Annotation
Many electronic systems has to fulfill strict dependability properties, especially both fault tolerance and attack resistance. These requirements usually contradict each other. The study and experiment descriptions of the possible methods how to measure these impacts are presented in this paper. Specifically, how fault-tolerant design methods affects resistance against differential power analysis attack and how the whole design can be modified to increase attack resistance will be discussed.