Improving CPA Attack Against DSA and ECDSA

Marek Repka; Michal Varchola; Miloš Drutarovský

doi:10.2478/jee-2015-0025

Abstract

In this work, we improved Correlation Power Analysis (CPA) attack against Digital Signature Algorithm (DSA) and its various derivations, such as Elliptic Curve Digital Signature Algorithm (ECDSA). The attack is aimed against integer multiplication with constant secret operand. We demonstrate this improvement on 16-bit integer multiplier in FPGA. The improvement makes it possible to guess more blocks of key, and the improvement also eliminates errors of simulated attacks what is very important when approximating attack success rate and complexity based on simulated attacks. We also discus a possible efficient countermeasure.

References

[1] KOCHER, P. C.-JAFFE, J.-JUN, B. : Differential Power Analysis, Proc. of the 19th Annual International Cryptol- ogy Conference on Advances in Cryptology in CRYPTO ’99, Springer-Verlag, London, UK, 1999, pp. 388-397.10.1007/3-540-48405-1_25
Search in Google Scholar
[2] BRIER, E.-CLAVIER, C.-OLIVIER, F. : Correlation Power Analysis with a Leakage Model, CHES, Handbook, Mill Valley, CA: University Science, 2004, pp. 16-29.10.1007/978-3-540-28632-5_2
Search in Google Scholar
[3] QUISQUATER, J.-J.-SAMYDE, D. : Electro-Magnetic Anal- ysis (EMA), Measures and Counter-Measures for Smart Cards Proceedings of E-SMART ’01, Springer-Verlag, London, UK, 2001, pp. 200-210.10.1007/3-540-45418-7_17
Search in Google Scholar
[4] DING, G. L.-CHU, J.-YUAN, L. ZHAO, Q. : Correlation Electromagnetic Analysis for Cryptographic Device, Proc. of the 2009 Pacific-Asia Conference on Circuits, Communications and Systems, IEEE Computer Society, Washington, DC, USA, 2009, pp. 388-391.10.1109/PACCS.2009.144
Search in Google Scholar
[5] MANGARD, S.-OSWALD, E.-POPP, T. : Power Analysis Attacks - Revealing the Secrets of Smart Cards, Advances in Information Security, Handbook, Springer-Verlag, New York, 2007.
Search in Google Scholar
[6] MEDWED, M.-OSWALD, M. E. : Template Attacks on ECDSA, 9th International Workshop, WISA 2008, Jeju Island, Korea, September 23-25, 2008, Revised Selected Papers in Lec- ture Notes in Computer Science, Springer, 2009, pp. 14-27.
Search in Google Scholar
[7] STANDAERT, F.-X.-MALKIN, T.-YUNG. M. : A Unified Framework for the Analysis of Side-Channel Key Recovery At- tacks, In Advances in Cryptology EUROCRYPT 2009 (A. Joux,, ed.), LNCS 5479, Springer, Berlin, pp. 443-461.10.1007/978-3-642-01001-9_26
Search in Google Scholar
[8] SCHINDLER, W.-LEMKE, K.-PAAR, C. : A Stochastic Model for Differential Side Channel Cryptanalysis, In Crypto- graphic Hardware and Embedded Systems CHES 2005, LNCS 3659, Springer, pp. 30-46.10.1007/11545262_3
Search in Google Scholar
[9] RIVAIN, M. : On the Exact Success Rate of Side Channel Anal- ysis in the Gaussian Model, In Selected Areas in Cryptography (R. Avanzi, L. Keliher, and F. Sica, eds.), LNCS 5381, Springer, Berlin, pp. 165-183.10.1007/978-3-642-04159-4_11
Search in Google Scholar
[10] BATINA, L.-GIERLICHS, B.-PROUFF, E.-RIVAIN, M.- STANDAERT, F.-X.-VEYRAT-CHARVILLON, N. : Mutual Information Analysis: a Comprehensive Study, Journal of Cryp- tology 24 No. 2 (2011), 269-291.
Search in Google Scholar
[11] HEUSER, A.-ZOHNER, M. : Intelligent Machine Homicide - Breaking Cryptographic Devices using Support Vector Ma- chines, In Constructive Side-Channel Analysis and Secure De- sign 3th International Workshop, COSADE 2012, Proceedings (Schindler and Huss, eds.), LNCS 7275, Springer, Darmstadt, Germany, 2012, pp. 249-264.10.1007/978-3-642-29912-4_18
Search in Google Scholar
[12] KARPOVSKY, M. G.-KULIKOWSKI, K. J.-TAUBIN, A. : Robust Protection against Fault Injection Attacks on Smart Cards Implementing the Advanced Encryption Standard, In: DSN, IEEE Computer Society, Florence, Italy, 2004, pp. 93-101.10.1109/DSN.2004.1311880
Search in Google Scholar
[13] GUILLEY, S.-SAUVAGE, L.-DANGER, J. L.-SELMANE, N. : Fault Injection Resilience, In FDTC, IEEE Computer So- ciety, Santa Barbara, CA, USA, Aug 2010, pp. 51-65.10.1109/FDTC.2010.15
Search in Google Scholar
[14] CLAVIER, C.-GAJ, K. : Trojan Side-Channels: Lightweight Hardware Trojans through Side-Channel Engineering, Pro- ceedings 11th International Workshop Lausanne, Switzerland, September 6-9, 2009 CHES, Springer, Berlin Heidelberg, 2009, pp. 382-395.10.1007/978-3-642-04138-9_27
Search in Google Scholar
[15] HUTTER, M.-MEDWED, M.-HEIN, D.-WOLKERSTOR- FER, J. : Attacking ECDSA-Enabled RFID Devices, ACNS 2009, LNCS 5536, Springer-Verlag, Berlin Heidelberg, 2009, pp. 519-534.10.1007/978-3-642-01957-9_32
Search in Google Scholar
[16] DANGER, J. L.-GUILLEY, S.-BHASIN, S.-NASSAR, M. : Overview of Dual Rail with Precharge Logic Styles to Thwart Implementation-Level Attacks on Hardware Cryptoprocessors, New Attacks and Improved CounterMeasures, In: SCS (Novem- ber 6-8, 2009), IEEE, Jerba Tunisia, p. 18.10.1109/ICSCS.2009.5412599
Search in Google Scholar
[17] AKKAR, M.-L.-GIRUAD, C. : An Implementation of DES and AES, Secure Against some Attacks, In Cryptographic Hard- ware and Embedded Systems - CHESS 2001, Proceedings Third Interational Workshop, Paris, France, May 14-16, Springer, 2001, pp. 309-318.10.1007/3-540-44709-1_26
Search in Google Scholar

Improving CPA Attack Against DSA and ECDSA

Abstract

Paradigm

My account