nach oben

Erschienen in:

2024 | OriginalPaper | Buchkapitel

Attacking and Securing the Clock Randomization and Duplication Side-Channel Attack Countermeasure

verfasst von : Martin Brisfors, Michail Moraitis, Gabriel Klasson Landin, Truls Jilborg

Erschienen in: Foundations and Practice of Security

Verlag: Springer Nature Switzerland

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

The emergence of deep learning has revolutionized side-channel attacks, making them a serious threat to cryptographic systems. Clock randomization is a well-established mitigation technique against side-channel attacks that, when combined with duplication, has been shown to effectively protect FPGA implementations of block ciphers and post-quantum KEMs. In this paper, we present two deep-learning-based side-channel attacks on an FPGA implementation of AES protected with the clock randomization and duplication countermeasure. The attacks are based on identifying sporadic synchronicity in the execution of the encryption rounds of the two AES cores. We remedy this vulnerability by presenting three modular additions to the original design of the countermeasure that restores its security and increases its robustness.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Original Entry Point Detection Based on Graph Similarity

Nächstes Kapitel Hardening Systems Against Data Corruption Attacks at Design Time

This acronym is not used in the original paper that describes the countermeasure. We decided to introduce it here since we make many references to it throughout the paper.

Hamming Weight is defined as the number of logical 1 s in the binary representation of the value.

Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48405-1_25CrossRef

Kocher, P.C., Jaffe, J.M., Jun, B.C.: Using unpredictable information to minimize leakage from smartcards and other cryptosystems. US Patent 6,327,661 (2001)

Bucci, M., Luzzi, R., Guglielmo, M., Trifiletti, A.: A countermeasure against differential power analysis based on random delay insertion. In: IEEE International Symposium on Circuits and Systems (ISCAS), vol. 4, pp. 3547–3550 (2005)

Lu, Y., O’Neill, M.P., McCanny, J.V.: FPGA implementation and analysis of random delay insertion countermeasure against DPA. In: 2008 International Conference on Field-Programmable Technology, pp. 201–208 (2008)

Boey, K.H., Hodgers, P., Lu, Y., O’Neill, M., Woods, R.: ‘Security of AES Sbox designs to power analysis. In: 2010 17th IEEE International Conference on Electronics, Circuits and Systems, pp. 1232–1235 (2010)

Boey, K.H., Lu, Y., O’Neill, M., Woods, R.: Random clock against differential power analysis. In: 2010 IEEE Asia Pacific Conference on Circuits and Systems, pp. 756–759 (2010)

Zafar, Y., Har, D.: A novel countermeasure enhancing side channel immunity in FPGAs. In: 2008 International Conference on Advances in Electronics and Micro-electronics, pp. 132–137 (2008)

Zafar, Y., Park, J., Har, D.: Random clocking induced DPA attack immunity in FPGAs. In: 2010 IEEE International Conference on Industrial Technology, pp. 1068–1070 (2010)

Güneysu, T., Moradi, A.: Generic side-channel countermeasures for reconfigurable devices. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 33–48. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-23951-9_3CrossRef

10.

Ravi, P., Bhasin, S., Breier, J., Chattopadhyay, A.: PPAP and iPPAP: PLL-based protection against physical attacks. In: 2018 IEEE Computer Society Annual Symposium on VLSI (ISVLSI), pp. 620–625. IEEE (2018)

11.

Fritzke, A.W.: Obfuscating against side-channel power analysis using hiding techniques for AES (2012)

12.

Jayasinghe, D., Ignjatovic, A., Parameswaran, S.: RFTC: runtime frequency tuning countermeasure using FPGA dynamic reconfiguration to mitigate power analysis attacks. In: 2019 56th ACM/IEEE Design Automation Conference (DAC), pp. 1–6. IEEE (2019)

13.

Hettwer, B., Das, K., Leger, S., Gehrer, S., Güneysu, T.: Lightweight side-channel protection using dynamic clock randomization. In: 2020 30th International Conference on Field-Programmable Logic and Applications (FPL), pp. 200–207 (2020)

14.

Brisfors, M., Moraitis, M., Dubrova, E.: Do not rely on clock randomization: A side-channel attack on a protected hardware implementation of AES. In: Jourdan, G.V., Mounier, L., Adams, C., Sedes, F., Garcia-Alfaro, J. (eds.) FPS 2022. LNCS, vol. 13877, pp. 38–53. Springer, Heidelberg (2022). https://doi.org/10.1007/978-3-031-30122-3_3CrossRef

15.

Moraitis, M., Brisfors, M., Dubrova, E., Lindskog, N., Englund, H.: A side-channel resistant implementation of AES combining clock randomization with duplication. In: 2023 IEEE International Symposium on Circuits and Systems (ISCAS), pp. 1–5 (2023)

16.

Moraitis, M., Ji, Y., Brisfors, M., Dubrova, E., Lindskog, N.: Securing CRYSTALS-kyber in FPGA using duplication and clock randomization. IEEE Des. Test (2023)

17.

Landin, G.K., Jilborg, T.: Determining the optimal frequencies for a duplicated randomized clock sca countermeasure. arXiv preprint arXiv:2307.13834 (2023)

18.

Xilinx. Using Digital Clock Managers (DCMs) in Spartan-3 FPGAs application note (XAPP462) (2006)

19.

Xilinx. 7 Series FPGAs Clocking Resources User Guide (UG472) (2018)

20.

Xing, Y., Li, S.: A compact hardware implementation of CCA-secure key exchange mechanism CRYSTALS-KYBER on FPGA. IACR Trans. Cryptogr. Hardw. Embed. Syst. 328–356 (2021)

21.

Maghrebi, H., Portigliatti, T., Prouff, E.: Breaking cryptographic implementations using deep learning techniques. In: Carlet, C., Hasan, M.A., Saraswat, V. (eds.) SPACE 2016. LNCS, vol. 10076, pp. 3–26. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-49445-6_1CrossRef

22.

Benadjila, R., Prouff, E., Strullu, R., Cagli, E., Dumas, C.: Study of deep learning techniques for side-channel analysis and introduction to ASCAD database. Cryptology ePrint Archive, Paper 2018/053 (2018). https://eprint.iacr.org/2018/053

23.

Masure, L., et al.: Deep Learning Side-Channel Analysis on Large-Scale Traces - A Case Study on a Polymorphic AES. Cryptology ePrint Archive, Paper 2020/881 (2020). https://eprint.iacr.org/2020/881

24.

Masure, L., Dumas, C., Prouff, E.: A comprehensive study of deep learning for side-channel analysis. IACR Trans. Cryptogr. Hardw. Embed. Syst. 348–375 (2020)

25.

NewAE Technology Inc. Chipwhisperer. https://newae.com/tools/chipwhisperer

26.

Gilbert Goodwill, B.J., Jaffe, J., Rohatgi, P., et al.: A testing methodology for side-channel resistance validation. In: NIST Non-invasive Attack Testing Workshop, vol. 7, pp. 115–136 (2011)

27.

Welch, B.L.: The generalization of ‘student’s’ problem when several different population varlances are involved. Biometrika 34(1–2), 28–35 (1947)MathSciNet

28.

Standaert, F.-X.: How (not) to use Welch’s T-test in side-channel security evaluations. In: Bilgin, B., Fischer, J.-B. (eds.) CARDIS 2018. LNCS, vol. 11389, pp. 65–79. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-15462-2_5CrossRef

Titel: Attacking and Securing the Clock Randomization and Duplication Side-Channel Attack Countermeasure
verfasst von: Martin Brisfors
Michail Moraitis
Gabriel Klasson Landin
Truls Jilborg
Verlag: Springer Nature Switzerland
Buch: Foundations and Practice of Security
Print ISBN: 978-3-031-57536-5

Electronic ISBN: 978-3-031-57537-2

Copyright-Jahr: 2024
DOI: https://doi.org/10.1007/978-3-031-57537-2_23

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner