Search Results (9)

CRYSTALS-Kyber has been standardized as a general public-key post-quantum algorithm under the name of ML-KEM after NIST released its first three final post-quantum standards in August 2024. The resilience of post-quantum cryptography to side-channel attacks has been an important research endeavor, and there have been many attacks designed, including basic Correlation Power Analysis. This paper adapts existing Correlation Power Analysis attacks to the most recent ARM Cortex M4 optimized implementation that uses Plantard arithmetic. It also demonstrates an improved version of a CPA that results in a 50% speedup compared to the original attack. Data are gathered and the mathematical model is tested using a ChipWhisperer-Lite board. Full article

Considerable attention has been given to addressing side-channel attacks to improve the security of cryptographic hardware implementations. These attacks encourage the exploration of various countermeasures across different levels of abstraction, through masking and hiding techniques, mainly. In this paper, we introduce a novel hiding countermeasure designed to mitigate Correlation Power Analysis (CPA) attacks without significant overhead. The new countermeasure interferes with the processed data, minimizing the power correlation with the secret key. The proposed method involves using a Correlated-Power-Noise Generator (CPNG). This study is supported by experimental results using CPA attacks on a SAKURA-G board with a SPARTAN-6 Xilinx FPGA. An Advanced Encryption Standard (AES) cipher with 128/256-bit key size is employed for this purpose. The proposed secure design of AES has an area overhead of 29.04% compared to unprotected AES. After conducting a CPA attack, the acquisition of information about the private key has been reduced drastically by 44.5%. Full article

Field-programmable gate arrays (FPGAs) are widely used in cloud servers as an acceleration solution for compute-intensive tasks. Cloud FPGAs are typically multi-tenant, enabling resource sharing among multiple users but are vulnerable to power side-channel analysis (SCA) attacks due to their programmability and runtime dynamic reconfigurability. It is well-known that the clock frequencies of the circuits on multi-tenant FPGAs affect power consumption, but their impact on remote correlation power analysis (CPA) attacks has largely been ignored in the literature. This work systematically evaluates how clock frequency variations influence the effectiveness of remote CPA attacks on multi-tenant FPGAs. We develop a theoretical model to quantify this impact and validate our findings through the CPA attacks on processors running AES-128 and SM4 cryptographic algorithms. Our results demonstrate that the runtime clock frequency significantly affects the performance of remote CPA attacks. Our work provides valuable insights into the security implications of frequency scaling in multi-tenant FPGAs and offers guidance on selecting clock frequencies to mitigate power side-channel risks. Full article

Power noise generation for masking power traces is a powerful countermeasure against Simple Power Analysis (SPA), and it has also been used against Differential Power Analysis (DPA) or Correlation Power Analysis (CPA) in the case of cryptographic circuits. This technique makes use of power consumption generators as basic modules, which are usually based on ring oscillators when implemented on FPGAs. These modules can be used to generate power noise and to also extract digital signatures through the power side channel for Intellectual Property (IP) protection purposes. In this paper, a new power consumption generator, named Xored High Consuming Module (XHCM), is proposed. XHCM improves, when compared to others proposals in the literature, the amount of current consumption per LUT when implemented on FPGAs. Experimental results show that these modules can achieve current increments in the range from 2.4 mA (with only 16 LUTs on Artix-7 devices with a power consumption density of 0.75 mW/LUT when using a single HCM) to 11.1 mA (with 67 LUTs when using 8 XHCMs, with a power consumption density of 0.83 mW/LUT). Moreover, a version controlled by Pulse-Width Modulation (PWM) has been developed, named PWM-XHCM, which is, as XHCM, suitable for power watermarking. In order to build countermeasures against SPA attacks, a multi-level XHCM (ML-XHCM) is also presented, which is capable of generating different power consumption levels with minimal area overhead (27 six-input LUTS for generating 16 different amplitude levels on Artix-7 devices). Finally, a randomized version, named RML-XHCM, has also been developed using two True Random Number Generators (TRNGs) to generate current consumption peaks with random amplitudes at random times. RML-XHCM requires less than 150 LUTs on Artix-7 devices. Taking into account these characteristics, two main contributions have been carried out in this article: first, XHCM and PWM-XHCM provide an efficient power consumption generator for extracting digital signatures through the power side channel, and on the other hand, ML-XHCM and RML-XHCM are powerful tools for the protection of processing units against SPA attacks in IoT devices implemented on FPGAs. Full article

With the in-depth integration of deep learning and side-channel analysis (SCA) technology, the security threats faced by embedded devices based on the Internet of Things (IoT) have become increasingly prominent. By building a neural network model as a discriminator, the correlation between the side information leaked by the cryptographic device, the key of the cryptographic algorithm, and other sensitive data can be explored. Then, the security of cryptographic products can be evaluated and analyzed. For the AES-128 cryptographic algorithm, combined with the CW308T-STM32F3 demo board on the ChipWhisperer experimental platform, a Correlation Power Analysis (CPA) is performed using the four most common deep learning methods: the multilayer perceptron (MLP), the convolutional neural network (CNN), the recurrent neural network (RNN), and the long short-term memory network (LSTM) model. The performance of each model is analyzed in turn when the samples are small data sets, sufficient data sets, and data sets of different scales. Finally, each model is comprehensively evaluated by indicators such as classifier accuracy, network loss, training time, and rank of side-channel attacks. The experimental results show that the convolutional neural network CNN classifier has higher accuracy, lower loss, better robustness, stronger generalization ability, and shorter training time. The rank value is 2, that is, only two traces can recover the correct key byte information. The comprehensive performance effect is better. Full article

SIMON is a block cipher developed to provide flexible security options for lightweight hardware applications such as the Internet-of-things (IoT). Safeguarding such resource-constrained hardware from side-channel attacks poses a significant challenge. Adiabatic circuit operation has recently received attention for such applications due to ultra-low power consumption. In this work, a charge-based methodology is developed to mount a correlation power analysis (CPA) based side-channel attack to an adiabatic SIMON core. The charge-based method significantly reduces the attack complexity by reducing the required number of power samples by two orders of magnitude. The CPA results demonstrate that the required measurements-to-disclosure (MTD) to retrieve the secret key of an adiabatic SIMON core is 4× higher compared to a conventional static CMOS based implementation. The effect of increase in the target signal load capacitance on the MTD is also investigated. It is observed that the MTD can be reduced by half if the load driven by the target signal is increased by 2× for an adiabatic SIMON, and by 5× for a static CMOS based SIMON. This sensitivity to target signal capacitance of the adiabatic SIMON can pose a serious concern by facilitating a more efficient CPA attack. Full article

Format-Preserving Encryption (FPE) for Internet of Things (IoT) enables the data encryption while preserving the format and length of original data. With these advantages, FPE can be utilized in many IoT applications. However, FPE requires complicated computations and these are high overheads on IoT embedded devices. In this paper, we proposed an efficient implementation of Format-preserving Encryption Algorithm (FEA), which is the Korean standard of FPE, and the first-order masked implementation of FEA on both low-end (i.e., AVR microcontroller) and high-end (i.e., ARM processor) IoT devices. Firstly, we show the vulnerability of FEA when it comes to the Correlation Power Analysis (CPA) approach. Afterward, we propose an efficient implementation method and the masking technique for both low-end IoT device and high-end IoT device. The proposed method is secure against power analysis attacks but the performance degradation of masked measure is only 2.53∼3.77% than the naïve FEA implementation. Full article

Physical cryptographic implementations are vulnerable to so-called side-channel attacks, in which sensitive information can be recovered by analyzing physical phenomena of a device during operation. In this survey, we trace the development of power side-channel analysis of cryptographic implementations over the last twenty years. We provide a foundation by exploring, in depth, several concepts, such as Simple Power Analysis (SPA), Differential Power Analysis (DPA), Template Attacks (TA), Correlation Power Analysis (CPA), Mutual Information Analysis (MIA), and Test Vector Leakage Assessment (TVLA), as well as the theories that underpin them. Our introduction, review, presentation, and survey of topics are provided for the “non expert”, and are ideal for new researchers entering this field. We conclude the work with a brief introduction to the use of test statistics (specifically Welch’s t-test and Pearson’s chi-squared test) as a measure of confidence that a device is leaking secrets through a side-channel and issue a challenge for further exploration. Full article

This paper investigates countermeasures to side-channel attacks. A dynamic partial reconfiguration (DPR) method is proposed for field programmable gate arrays (FPGAs)s to make techniques such as differential power analysis (DPA) and correlation power analysis (CPA) difficult and ineffective. We call the technique side-channel power resistance for encryption algorithms using DPR, or SPREAD. SPREAD is designed to reduce cryptographic key related signal correlations in power supply transients by changing components of the hardware implementation on-the-fly using DPR. Replicated primitives within the advanced encryption standard (AES) algorithm, in particular, the substitution-box (SBOX)s, are synthesized to multiple and distinct gate-level implementations. The different implementations change the delay characteristics of the SBOXs, reducing correlations in the power traces, which, in turn, increases the difficulty of side-channel attacks. The effectiveness of the proposed countermeasures depends greatly on this principle; therefore, the focus of this paper is on the evaluation of implementation diversity techniques. Full article