On the Security of Balanced Encoding Countermeasures

Won, Yoo-Seung; Hodgers, Philip; O’Neill, Máire; Han, Dong‐Guk

doi:10.1007/978-3-319-31271-2_15

Cited by 3 publications

(5 citation statements)

References 30 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In 2011, Hoogvorst et al first tried to bring dual-rail-based schemes of hardware into software [7]. Han [12,13]. The most recent balancing countermeasure based on a Han-like encoding rule is the method proposed by Pour et al [19].…”

Section: Existing Work On Power-balancing Countermeasures By Employimentioning

confidence: 99%

“…In DPL styles, a logic bit a is represented by a 2-bit pair (a, a), where a is the complement bit of a. Hoogvorst et al was the first to attempt to create DPL styles of hardware into software [7]. Since then, several studies, such as constant XOR and look-up table-based (LUT-based) operations, have applied these schemes to symmetric ciphers [10][11][12][13][14][15][16][17][18]. Here, constant operators, such as constant XOR, are modified into operations that always hold the same HW/HD in internal process by using only assembly language.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Power-Balancing Software Implementation to Mitigate Side-Channel Attacks without Using Look-Up Tables

Kim

Hong

2020

Applied Sciences

View full text Add to dashboard Cite

With the increasing number of side-channel attacks, countermeasure designers continue to develop various implementations to address such threats. Power-balancing (PB) methods hold the number of 1s and/or transitions (i.e., Hamming weight/distance) of internal processes constant to ensure side-channel safety in an environment in which it is difficult to use random numbers. Most existing studies employed look-up tables (LUTs) to compute those operations, except for XOR and NOT operations. However, LUT-based schemes exhibit some side-channel issues in the address bits of LUTs. In this paper, we propose the application of AND and ADD operations to PB methods based on a rule that encodes 8-bit data into a 32-bit codeword without using LUTs. Unlike previous studies that employed LUTs, our proposals overcome side-channel vulnerabilities associated with the address bits and memory wastage. In addition, we evaluate the side-channel security ensured by the proposed method in comparison with that ensured by other methods. Finally, we apply our methods to SIMON/SPECK ciphers and analyze their performance by comparing them with older schemes.

show abstract

Section: Existing Work On Power-balancing Countermeasures By Employimentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Power-Balancing Software Implementation to Mitigate Side-Channel Attacks without Using Look-Up Tables

Kim

Hong

2020

Applied Sciences

View full text Add to dashboard Cite

show abstract

“…In this section, we review the simulated leakage model from [22]. To obtain a more realistic model, the polynomial form is chosen as the simulated leakage model.…”

Section: Leakage Modelmentioning

confidence: 99%

“…Unlike many previous models, the value of the coefficients in the leakage model is likely to follow a normal distribution. The model in [22] proves useful when a countermeasure, such as a constant weight, is evaluated. The leakage model is as follows.…”

Section: Leakage Modelmentioning

confidence: 99%

Security of Constant Weight Countermeasures

Won¹,

Choi²,

Park³

et al. 2017

ETRI Journal

Self Cite

View full text Add to dashboard Cite

This paper investigates the security of constant weight countermeasures, which aim to produce indistinguishable leakage from sensitive variables and intermediate variables, assuming a constant Hamming distance and/or Hamming weight leakages. To investigate the security of recent countermeasures, contrary to many related studies, we assume that the coefficients of the simulated leakage models follow a normal distribution so that we may construct a model with approximately realistic leakages. First, using our simulated leakage model, we demonstrate security holes in these previous countermeasures. Subsequently, in contrast to the hypotheses presented in previous studies, we confirm the resistance of these countermeasures to a standard correlation power analysis (CPA). However, these countermeasures can allow a bitwise CPA to leak a sensitive variable with only a few thousand traces.

show abstract

“…Similarly, balanced encoding [6] provided good resistance against standard CPA. Recently, it was shown that if the attacker chooses to perform a bit-wise CPA on balanced encoding, the security gain is drastically reduced [7]. Nevertheless, both implementations show some amount of side-channel resistance.…”

Section: B Software-oriented Dplmentioning

confidence: 99%

The other side of the coin: Analyzing software encoding schemes against fault injection attacks

Breier¹,

Jap

Bhasin³

2016

2016 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)

View full text Add to dashboard Cite

The versatility and cost of embedded systems have made it ubiquitous. Such wide-application exposes an embedded system to a variety of physical threats like side-channel attacks (SCA) and fault attacks (FA). Recently, a couple of software encoding schemes were proposed as a protection against SCA. These protection schemes are based on dual-rail precharge logic (DPL), previously shown resistant to both SCA and FA. In this paper, we analyze the previously proposed software encoding schemes against FA. Our results show that software encoding offers only limited resistance to FA. Finally, improvement to software-encoding schemes is improved. With this improvement, software encoding can serve as a common SCA and FA countermeasure with an exploitable fault probability as low as 0.0048.

show abstract

On the Security of Balanced Encoding Countermeasures

Cited by 3 publications

References 30 publications

Power-Balancing Software Implementation to Mitigate Side-Channel Attacks without Using Look-Up Tables

Power-Balancing Software Implementation to Mitigate Side-Channel Attacks without Using Look-Up Tables

Security of Constant Weight Countermeasures

The other side of the coin: Analyzing software encoding schemes against fault injection attacks

Contact Info

Product

Resources

About