Protecting secret keys in networked devices with table encoding against power analysis attacks

Nowadays, secret keys of networked devices are profoundly attacked by power analysis attacks, caused by the dramatic evolution of statistical analysis with a simple experimental setup. Recently, OpenSSL and CoreBitcoin running on Android and iOS have been broken by power analysis. Moreover, sensors...

Full description

Saved in:
Bibliographic Details
Published inJournal of high speed networks Vol. 22; no. 4; pp. 293 - 307
Main Authors Kim, Taesung, Lee, Seungkwang, Choi, Dooho, Yoon, Hyunsoo
Format Journal Article
LanguageEnglish
Published London, England SAGE Publications 01.01.2016
Subjects
Online AccessGet full text

Cover

Loading…
More Information
Summary:Nowadays, secret keys of networked devices are profoundly attacked by power analysis attacks, caused by the dramatic evolution of statistical analysis with a simple experimental setup. Recently, OpenSSL and CoreBitcoin running on Android and iOS have been broken by power analysis. Moreover, sensors and actuators can also be attacked thereby threatening user’s privacy and security. To resolve these challenges, power-analysis-resistant implementations of cryptographic algorithms in networked devices have received a lot of attentions. Masking schemes have been developed to implement secure cryptographic algorithms against side-channel analysis (SCA) attacks. Technically, the first-order masking method is vulnerable to the second order differential power analysis (2ODPA) attacks, but the current solutions against 2ODPA are expensive to be implemented. Moreover, worse performance will be shown if the cryptographic algorithms include boolean and arithmetic operations. In this paper, we propose a new countermeasure scheme to resist SCA attacks. Our scheme randomizes all the intermediate values of block cipher by encoding functions in the algorithm to lookup table and makes it resistant to power analysis attack. We apply our scheme to the block cipher algorithm, HIGHT. Our protected implementation of HIGHT takes only 1.79 times compared to the straightforward algorithm, and it needs 25 kbytes to store lookup tables in memory.
ISSN:0926-6801
1875-8940
DOI:10.3233/JHS-160550