Filippo Melzani
STMicroelectronics
Publication
Featured research published by Filippo Melzani.
digital systems design | 2011
Alessandro Barenghi; Guido Bertoni; Fabrizio De Santis; Filippo Melzani
Side-channel attacks are a realistic threat to the security of real world implementations of cryptographic algorithms. In order to evaluate the resistance of designs against power analysis attacks, power values obtained from circuit simulations in early design phases offer two distinct advantages: First, they offer fast feedback loops to designers, second the number of redesigns can be reduced. This work investigates the accuracy of design time power estimation tools in assessing the security level of a device against differential power attacks.
international workshop on security | 2015
Guido Bertoni; Lorenzo Grassi; Filippo Melzani
In this paper we present a novel attack based on photonic emission analysis targeting software implementations of AES. We focus on the particular case in which the attacker can collect the photonic emission of a limited number of sense amplifiers e.g. only one of the SRAM storing the S-Box. The attack consists in doing hypothesis on the secret key based on the knowledge of the partial output of the SubBytes operation. We also consider the possibility to attack a masked implementation of AES using the photonic emission analysis. In the case of masking, the attacker needs 2 leakages of the same encryption to overcome the randomization of the masks. For our analysis, we assume the same physical setup described in other previous works. Reported results are based on simulations with some hypothesis on the probability of photonic emission of a single transistor.
hardware and architectural support for security and privacy | 2014
Claudio Ferretti; Silvia Mella; Filippo Melzani
Several attacks based on fault injection have been presented against the AES algorithm. Most of these attacks belong to the class of Differential Fault Analysis. Every attack relies on a specific fault model defined as hypothesis by the authors of the attack. In this paper we analyze the role of the knowledge by the attacker about such fault model on the practical effectiveness of the attacks.
IEEE Transactions on Computers | 2017
Elia Bisi; Filippo Melzani; Vittorio Zaccaria
In this paper, we deal with the problem of efficiently assessing the higher order vulnerability of a hardware cryptographic circuit. Our main concern is to provide methods that allow a circuit designer to detect early in the design cycle if the implementation of a Boolean-additive masking countermeasure does not hold up to the required protection order. To achieve this goal, we promote the search for vulnerabilities from a statistical problem to a purely symbolical one and then provide a method for reasoning about this new symbolical interpretation. Eventually we show, with a synthetic example, how the proposed conceptual tool can be used for exploring the vulnerability space of a cryptographic primitive.
IEEE Transactions on Computers | 2018
Vittorio Zaccaria; Filippo Melzani; Guido Bertoni
This brief deals with the problem of mathematically formalizing hardware circuits’ vulnerability to side-channel attacks. We investigate whether spectral analysis is a useful analytical tool for this purpose by building a mathematically sound theory of the vulnerability phenomenon. This research was originally motivated by the need for deeper, more formal knowledge around vulnerable nonlinear circuits. However, while building this new theoretical framework, we discovered that it can consistently integrate known results about linear ones as well. Eventually, we found it adequate to formally model side-channel leakage in several significant scenarios. In particular, we have been able to find the vulnerability perimeter of a known cryptographic primitive (i.e., Keccak [1]) and thus tackle the analysis of vulnerability when signal glitches are present. We believe the conceptual framework we propose will be useful for researchers and practitioners in the field of applied cryptography and side-channel attacks.
workshop on fault diagnosis and tolerance in cryptography | 2015
Luca Magri; Silvia Mella; Pasqualina Fragneto; Filippo Melzani; Beatrice Rossi
Fault attacks are among the most effective techniques to break real implementations of cryptographic algorithms. They usually require some kind of knowledge by the attacker on the effect of the faults on the target device, which in practice turns to be a poorly reliable information typically affected by uncertainty. This paper is devoted to address this problem by softening the a-priori knowledge on the injection technique needed by the attacker in the context of Differential Fault Analysis (DFA). We conceive an original solution, named J-DFA, based on translating the stage of differential cryptanalysis of DFA attacks into terms of fitting multiple models to data corrupted by outliers. Specifically, we tailor J-Linkage algorithm [9] to the fault analysis. In order to show the effectiveness of J-DFA and its benefits in practical scenarios, we applied the technique under different attack conditions.
international conference on security and cryptography | 2014
Silvia Mella; Filippo Melzani; Andrea Visconti
Most of the attacks against the Advanced Encryption Standard based on faults mainly aim at either altering the temporary value of the message or key during the computation. Few other attacks tamper the instruction flow in order to reduce the number of round iterations to one or two. In this work, we extend this idea and present fault attacks against the AES algorithm that exploit the misbehavior of the instruction flow during the last round. In particular, we consider faults that cause the algorithm to skip, repeat or corrupt one of the four AES round functions. In principle, these attacks are applicable against both software and hardware implementations, by targeting the execution of instructions or the control logic. As conclusion countermeasures against fault attacks must also cover the instruction flow and not only the processed data.
Secure Integrated Circuits and Systems | 2010
Guido Bertoni; Filippo Melzani
This chapter presents the algorithm selected in 2001 as the Advanced Encryption Standard. This algorithm is the base for implementing security and privacy based on symmetric key solutions in almost all new applications. Secret key algorithms are used in combination with modes of operation to provide different security properties. The most used modes of operation are presented in this chapter. Finally an overview of the different techniques of software and hardware implementations is given.
international conference on information technology: new generations | 2009
Guido Bertoni; Luca Breveglieri; Alessandro Cominola; Filippo Melzani; Ruggero Susella
The RSA algorithm is the most widely used public-key cryptosystem. For this reason it is important to protect RSA-based cryptosystems from the threat of Side Channels Attacks and particularly from Power Analysis. This article presents the application of Power Analysis attacks based on real power measurements and describes the main experimental results obtained by attacking software implementations of the RSA algorithm executed on an ARM 926 processor running at 266 MHz. Few practical results of similar type are reported in the literature, and none of them targets a complex SoC running at such a high frequency as that considered in this paper.
Archive | 2015
Filippo Melzani