Methods for Increasing the Resistance of Cryptographic Designs Against Horizontal DPA Attacks

Microprocessors and Microsystems

Klann

et al. 2021

Self Cite

In this paper we discuss the difficulties of mounting successful attack against crypto implementations when essential information is missing. We start with a detailed description of our attack against our own design, to highlight which information is needed to increase the success of an attack, i.e. we use it as a blueprint to the following attack against commercially available crypto chips. We would like to stress that our attack against our own design is very similar to what happens during certification e.g. according to Common Criteria Standard as in those cases the manufacturer need to provide detailed information. When attacking the commercial designs without signing NDAs, we needed to intensively search the Internet for information about the designs. We cannot to reveal the private keys used by the attacked commercial authentication chips 100% correctly. Moreover, the missing knowledge of the used keys does not allow us to evaluate the success of our attack. We were able to reveal information on the processing sequence during the authentication process even as detailed as identifying the clock cycles in which the individual key bits are processed. To summarize the effort of such an attack is significantly higher than the one of attacking a well-known implementation.

Section: B Implementation Details Of Our Kp Designmentioning

confidence: 80%

Section: E Attacking Our Kp Design Running On Fpgamentioning

confidence: 99%

Section: E Attacking Our Kp Design Running On Fpgamentioning

confidence: 99%

See 1 more Smart Citation

On the Complexity of Attacking Commercial Authentication Products

Microprocessors and Microsystems

Klann

et al. 2021

Self Cite

“…We implemented the field multiplier without any countermeasures against SCA, i.e. the sequence of the multiplication was not randomized as for example in [11], and multiplications are not masked. The investigated multiplier is inherently resistant against the performed attacks.…”

Section: Inherent Resistance Of Investigated Field Multipliermentioning

confidence: 99%

Unified field multiplier for ECC: Inherent resistance against horizontal SCA attacks

2018 13th International Conference on Design &Amp; Technology of Integrated Systems in Nanoscale Era (DTIS)

Kreiser

et al. 2018

Self Cite

“…Well-known randomization techniques such as secret scalar randomization, randomization of the projective EC point coordinates or EC point blinding [24] are effective against vertical attacks, i.e., if key-dependent data processing is exploited to extract the key. However, they are not effective [25,26] against attacks exploiting the key-dependent addressing of the design blocks, i.e., their application when using atomic patterns does not prevent horizontal attacks that exploit the addressing from being successful. In other words, they do not prevent simple SCA attacks that are looking for highly fine-grained differences in the trace.…”

mentioning

confidence: 99%

Atomicity and Regularity Principles Do Not Ensure Full Resistance of ECC Designs against Single-Trace Attacks

Langendoerfer

2022

Sensors

Elliptic curve cryptography (ECC) is one of the commonly used standard methods for encrypting and signing messages which is especially applicable to resource-constrained devices such as sensor nodes that are networked in the Internet of Things. The same holds true for wearable sensors. In these fields of application, confidentiality and data integrity are of utmost importance as human lives depend on them. In this paper, we discuss the resistance of our fast dual-field ECDSA accelerator against side-channel analysis attacks. We present our implementation of a design supporting four different NIST elliptic curves to allow the reader to understand the discussion of the resistance aspects. For two different target platforms—ASIC and FPGA—we show that the application of atomic patterns, which is considered to ensure resistance against simple side-channel analysis attacks in the literature, is not sufficient to prevent either simple SCA or horizontal address-bit DPA attacks. We also evaluated an approach which is based on the activity of the field multiplier to increase the inherent resistance of the design against attacks performed.