Key Schedule against Template Attack-Based Simple Power Analysis on a Single Target
Since 2002, there have been active discussions on template attacks due to the robust performance of such attacks. There are reports of numerous proposals to improve the accuracy of prediction model in order to identify the point of interest. To date, many researchers have only focused on the perform...
Main Authors: | , , |
---|---|
Format: | Article |
Language: | English |
Published: |
MDPI AG
2020-05-01
|
Series: | Applied Sciences |
Subjects: | |
Online Access: | https://www.mdpi.com/2076-3417/10/11/3804 |
id |
doaj-4bd6f73ef92b41f6bb8c27c7488e78db |
---|---|
record_format |
Article |
spelling |
doaj-4bd6f73ef92b41f6bb8c27c7488e78db2020-11-25T03:27:10ZengMDPI AGApplied Sciences2076-34172020-05-01103804380410.3390/app10113804Key Schedule against Template Attack-Based Simple Power Analysis on a Single TargetYoo-Seung Won0Bo-Yeon Sim1Jong-Yeon Park2Physical Analysis and Cryptographic Engineering, Temasek Laboratories at Nanyang Technological University, 21 Nanyang Link, Singapore 637371, SingaporeDepartment of Mathematics, Kookmin University, 77 Jeongneung-ro, Seongbuk-gu, Seoul 02727, KoreaSystem LSI Business, Samsung Electronics, 1, Samsungjeonja-ro, Hwaseong-si 18448, KoreaSince 2002, there have been active discussions on template attacks due to the robust performance of such attacks. There are reports of numerous proposals to improve the accuracy of prediction model in order to identify the point of interest. To date, many researchers have only focused on the performance of template attacks. In this paper, we introduce a new approach to retrieve the secret information in key schedules, without the profiling phase utilizing secret information. The template attack allows us to reveal the correct key even though the encryption/decryption processes have powerful countermeasures. More precisely, if the templates are sufficiently built in loading/saving the public information, in the extraction phase, the templates already created can be applied to the identical operation about secret information, which allows us to retrieve the secret information even if the countermeasures are theoretically robust. This suggestion becomes another backdoor to avoid hardened countermeasures. In order to demonstrate our proposal, we consider the Advanced Encryption Standard key schedule as a target for attack; however, it cannot be the target of non-profiling attacks in general. Finally, the Hamming weight information of the correct key could be recovered in an XMEGA128 chip, without the secret information. Moreover, we concentrate on the potential possibility of our suggestion since the performance cannot outperform the original methods used in such attacks.https://www.mdpi.com/2076-3417/10/11/3804template attackAES key scheduleprofiling attack |
collection |
DOAJ |
language |
English |
format |
Article |
sources |
DOAJ |
author |
Yoo-Seung Won Bo-Yeon Sim Jong-Yeon Park |
spellingShingle |
Yoo-Seung Won Bo-Yeon Sim Jong-Yeon Park Key Schedule against Template Attack-Based Simple Power Analysis on a Single Target Applied Sciences template attack AES key schedule profiling attack |
author_facet |
Yoo-Seung Won Bo-Yeon Sim Jong-Yeon Park |
author_sort |
Yoo-Seung Won |
title |
Key Schedule against Template Attack-Based Simple Power Analysis on a Single Target |
title_short |
Key Schedule against Template Attack-Based Simple Power Analysis on a Single Target |
title_full |
Key Schedule against Template Attack-Based Simple Power Analysis on a Single Target |
title_fullStr |
Key Schedule against Template Attack-Based Simple Power Analysis on a Single Target |
title_full_unstemmed |
Key Schedule against Template Attack-Based Simple Power Analysis on a Single Target |
title_sort |
key schedule against template attack-based simple power analysis on a single target |
publisher |
MDPI AG |
series |
Applied Sciences |
issn |
2076-3417 |
publishDate |
2020-05-01 |
description |
Since 2002, there have been active discussions on template attacks due to the robust performance of such attacks. There are reports of numerous proposals to improve the accuracy of prediction model in order to identify the point of interest. To date, many researchers have only focused on the performance of template attacks. In this paper, we introduce a new approach to retrieve the secret information in key schedules, without the profiling phase utilizing secret information. The template attack allows us to reveal the correct key even though the encryption/decryption processes have powerful countermeasures. More precisely, if the templates are sufficiently built in loading/saving the public information, in the extraction phase, the templates already created can be applied to the identical operation about secret information, which allows us to retrieve the secret information even if the countermeasures are theoretically robust. This suggestion becomes another backdoor to avoid hardened countermeasures. In order to demonstrate our proposal, we consider the Advanced Encryption Standard key schedule as a target for attack; however, it cannot be the target of non-profiling attacks in general. Finally, the Hamming weight information of the correct key could be recovered in an XMEGA128 chip, without the secret information. Moreover, we concentrate on the potential possibility of our suggestion since the performance cannot outperform the original methods used in such attacks. |
topic |
template attack AES key schedule profiling attack |
url |
https://www.mdpi.com/2076-3417/10/11/3804 |
work_keys_str_mv |
AT yooseungwon keyscheduleagainsttemplateattackbasedsimplepoweranalysisonasingletarget AT boyeonsim keyscheduleagainsttemplateattackbasedsimplepoweranalysisonasingletarget AT jongyeonpark keyscheduleagainsttemplateattackbasedsimplepoweranalysisonasingletarget |
_version_ |
1724589154089566208 |