research-article

DPA on hardware implementations of Ascon and Keyak

Authors:
Niels Samwel

Digital Security Group, Radboud University Nijmegen

Digital Security Group, Radboud University Nijmegen
View Profile

,
Joan Daemen

Digital Security Group, Radboud University Nijmegen, ST Microelectronics

Digital Security Group, Radboud University Nijmegen, ST Microelectronics
View Profile

Authors Info & Claims

CF'17: Proceedings of the Computing Frontiers ConferenceMay 2017Pages 415–424https://doi.org/10.1145/3075564.3079067

Published:15 May 2017Publication History

CF'17: Proceedings of the Computing Frontiers Conference

Pages 415–424

ABSTRACT

This work applies side channel analysis on hardware implementations of two CAESAR candidates, Keyak and Ascon. Both algorithms are cryptographic sponges with an iterated permutation. The algorithms share an s-box so attacks on the non-linear step of the permutation are similar. This work presents the first results of a DPA attack on Keyak using traces generated by an FPGA. A new attack is crafted for a larger sensitive variable to reduce the number of traces. It also presents and applies the first CPA attack on Ascon. Using a toy-sized threshold implementation of Ascon we try to give insight in the order of the steps of a permutation.

References

Farzaneh Abed, Christian Forler, and Stefan Lucks. 2014. General Overview of the Authenticated Schemes for the First Round of the CAESAR Competition. Technical Report. Cryptology ePrint Archive: Report 2014/792.{2} CAESAR submissions, second-round candidates. Available: http://competitions.cr.yp.to/caesar-submissions.html. https://pdfs.semanticscholar.org/9d87/276411a6ea1b1c6b89c7a04306221fc8b8b8.pdfGoogle Scholar
Guido Bertoni, Joan Daemen, Nicolas Debande, Thanh Ha Le, Michaël Peeters, and Gilles Van Assche. 2012. Power analysis of hardware implementations protected with secret sharing. In Proceedings - 2012 IEEE/ACM 45th International Symposium on Microarchitecture Workshops, MICROW 2012. Institute of Electrical and Electronics Engineers (IEEE), 9--16. Google ScholarDigital Library
G. Bertoni, J. Daemen, M. Peeters, and G. Van Assche. 2011. The Keccak reference. (January 2011). http://keccak.noekeon.org/Keccak-reference-3.0.pdf http://keccak.noekeon.org/.Google Scholar
Guido Bertoni, Joan Daemen, Michaël Peeters, and Gilles Van Assche. 2012. Permutation-based encryption, authentication and authenticated encryption. Directions in Authenticated Ciphers (2012).Google Scholar
Guido Bertoni, Joan Daemen, MichaÃńl Peeters, Gilles van Assche, and Ronny van Keer. 2016. CAESAR submission: Keyak v2. (2016). http://keyak.noekeon.org/Keyakv2-doc2.2.pdfGoogle Scholar
BegÃijl Bilgin, Joan Daemen, Ventzislav Nikov, Svetla Nikova, Vincent Rijmen, and Gilles Van Assche. 2014. Efficient and First-Order DPA Resistant Implementations of Keccak. In Smart Card Research and Advanced Applications. Springer Science & Business Media, 187--199.Google Scholar
Paul Bottinelli and Joppe W Bos. 2015. Computational aspects of correlation power analysis. Journal of Cryptographic Engineering (feb 2015), 1--15.Google Scholar
Eric Brier, Christophe Clavier, and Francis Olivier. 2004. Correlation Power Analysis with a Leakage Model. In Lecture Notes in Computer Science. Springer Nature, 16--29.Google Scholar
Suresh Chari, Charanjit S. Jutla, Josyula R. Rao, and Pankaj Rohatgi. 1999. Towards Sound Approaches to Counteract Power-Analysis Attacks. In Advances in Cryptology --- CRYPTO' 99. Springer Nature, 398--412. Google ScholarDigital Library
Joan Daemen. 2016. Changing of the Guards: a simple and efficient method for achieving uniformity in threshold sharing. (2016), 1--8.Google Scholar
C. Dobraunig, M. Eichlseder, F. Mendel, and M. SchlÃd'ffer. 2015. Ascon v1.l Submission to CAESAR. (2015). https://competitions.cr.yp.to/round2/asconv11.pdfGoogle Scholar
Jack W Dunlap. 1937. Combinative properties of correlation coefficients. The Journal of Experimental Education 5, 3 (jan 1937), 286--288.Google ScholarCross Ref
Paul Kocher, Joshua Jaffe, and Benjamin Jun. 1999. Differential Power Analysis. In Advances in Cryptology --- CRYPTO' 99. Springer Nature, 388--397. Google ScholarDigital Library
Pei Luo, Yunsi Fei, Xin Fang, A. Adam Ding, David R. Kaeli, and Miriam Leeser. 2015. Side-channel analysis of MAC-Keccak hardware implementations. In Proceedings of the Fourth Workshop on Hardware and Architectural Support for Security and Privacy - HASP '15. Association for Computing Machinery (ACM). Google ScholarDigital Library
Stefan Mangard, Elisabeth Oswald, and Thomas Popp. 2008. Power analysis attacks: Revealing the secrets of smart cards. Vol. 31. Springer Science & Business Media. Google ScholarDigital Library
Svetla Nikova, Christian Rechberger, and Vincent Rijmen. 2006. Threshold Implementations Against Side-Channel Attacks and Glitches. In Information and Communications Security. Springer Science & Business Media, 529--545. Google ScholarDigital Library
Svetla Nikova, Vincent Rijmen, and Martin SchlÃd'ffer. 2010. Secure Hardware Implementation of Nonlinear Functions in the Presence of Glitches. Journal of Cryptology 24, 2 (oct 2010), 292--321. Google ScholarDigital Library
Philippe Pierre Pebay. 2008. Formulas for robust, one-pass parallel computation of covariances and arbitrary-order statistical moments. Technical Report. Sandia National Laboratories.Google Scholar
Eric Peeters, François-Xavier Standaert, Nicolas Donckers, and Jean-Jacques Quisquater. 2005. Improved higher-order side-channel attacks with FPGA experiments. In International Workshop on Cryptographic Hardware and Embedded Systems. Springer, 309--323. Google ScholarDigital Library
Emmanuel Prouff and Matthieu Rivain. 2013. Masking against side-channel attacks: A formal security proof. In Annual International Conference on the Theory and Applications of Cryptographic Techniques. Springer, Springer Science & Business Media, 142--159.Google ScholarCross Ref
François-Xavier Standaert, Nicolas Veyrat-Charvillon, Elisabeth Oswald, Benedikt Gierlichs, Marcel Medwed, Markus Kasper, and Stefan Mangard. 2010. The World Is Not Enough: Another Look on Second-Order DPA. In Advances in Cryptology - ASIACRYPT 2010. Springer Nature, 112--129.Google Scholar
Mostafa Taha and Patrick Schaumont. 2013. Side-Channel Analysis of MAC-Keccak. In 2013 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST). Institute of Electrical and Electronics Engineers (IEEE).Google Scholar

Recommendations

Ascon hardware implementations and side-channel evaluation

Having ciphers that provide confidentiality and authenticity, that are fast in software and efficient in hardware, these are the goals of CAESAR, the Competition for Authenticated Encryption: Security, Applicability, and Robustness. In this paper, the ...
Read More
Automatic Search of Linear Structure: Applications to Keccak and Ascon
Information Security and Cryptology
Abstract
The linear structure technique was developed by Guo et al. at ASIACRYPT 2016, notably boosting the preimage attacks on Keccak. This technique transforming the preimage attack into solving algebraic systems allows entire linearization of the ...
$^{}^{}$ $^{}^{}$ $^{}$ $^{}$ $^{}$
Read More
Suit up! -- Made-to-Measure Hardware Implementations of ASCON
DSD '15: Proceedings of the 2015 Euromicro Conference on Digital System Design

Having ciphers that provide confidentiality and authenticity, that are fast in software and efficient in hardware, these are the goals of the CAESAR authenticated encryption competition. In this paper, the promising CAESAR candidate ASCON is implemented ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
CF'17: Proceedings of the Computing Frontiers Conference
May 2017
450 pages
ISBN:9781450344876
DOI:10.1145/3075564
General Chair:
Roberto Giorgi
University of Siena, IT
,
Program Chairs:
Michela Becchi
North Carolina State University
,
Francesca Palumbo
University of Sassari, IT
Copyright © 2017 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 15 May 2017
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
Ascon
Differential power analysis
Hardware implementations
Keccak
Keyak
Qualifiers
- research-article
- Research
- Refereed limited
Conference

Acceptance Rates
CF'17 Paper Acceptance Rate43of87submissions,49%Overall Acceptance Rate240of680submissions,35%
More
Upcoming Conference
CF '24

Sponsor:

sigmicro

21st ACM International Conference on Computing Frontiers

May 7 - 9, 2024

Ischia , Italy
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 12
  Total Citations
  View Citations
- 351
  Total Downloads
- Downloads (Last 12 months)118
- Downloads (Last 6 weeks)16
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

DPA on hardware implementations of Ascon and Keyak

CF'17: Proceedings of the Computing Frontiers Conference

ABSTRACT

References

Cited By

Recommendations

Ascon hardware implementations and side-channel evaluation

Automatic Search of Linear Structure: Applications to Keccak and Ascon

Suit up! -- Made-to-Measure Hardware Implementations of ASCON