Publication


Featured research published by Lejla Batina.


cryptographic hardware and embedded systems | 2008

Mutual Information Analysis

Benedikt Gierlichs; Lejla Batina; Pim Tuyls; Bart Preneel

We propose a generic information-theoretic distinguisher for differential side-channel analysis. Our model of side-channel leakage is a refinement of the one given by Standaert et al. An embedded device containing a secret key is modeled as a black box with a leakage function whose output is captured by an adversary through the noisy measurement of a physical observable. Although quite general, the model and the distinguisher are practical and allow us to develop a new differential side-channel attack. More precisely, we build a distinguisher that uses the value of the Mutual Information between the observed measurements and a hypothetical leakage to rank key guesses. The attack is effective without any knowledge about the particular dependencies between measurements and leakage as well as between leakage and processed data, which makes it a universal tool. Our approach is confirmed by results of power analysis experiments. We demonstrate that the model and the attack work effectively in an attack scenario against DPA-resistant logic.


the cryptographers track at the rsa conference | 2006

RFID-Tags for anti-counterfeiting

Pim Tuyls; Lejla Batina

RFID-tags are becoming very popular tools for identification of products. As they have a small microchip on board, they offer functionality that can be used for security purposes. This chip functionality makes it possible to verify the authenticity of a product and hence to detect and prevent counterfeiting. In order to be successful for these security purposes too, RFID-tags have to be resistant against many attacks, in particular against cloning of the tag. In this paper, we investigate how an RFID-tag can be made unclonable by linking it inseparably to a Physical Unclonable Function (PUF). We present the security protocols that are needed for the detection of the authenticity of a product when it is equipped with such a system. We focus on off-line authentication because it is very attractive from a practical point of view. We show that a PUF based solution for RFID-tags is feasible in the off-line case.


IEEE Transactions on Computers | 2008

Elliptic-Curve-Based Security Processor for RFID

Yong Ki Lee; Lejla Batina; Ingrid Verbauwhede

RFID (radio frequency identification) tags need to include security functions, yet at the same time their resources are extremely limited. Moreover, to provide privacy, authentication and protection against tracking of RFID tags without losing the system scalability, a public-key based approach is inevitable, which is shown by M. Burmester et al. In this paper, we present an architecture of a state-of-the-art processor for RFID tags with an elliptic curve (EC) processor over GF(2^163). It shows the plausibility of meeting both security and efficiency requirements even in a passive RFID tag. The proposed processor is able to perform EC scalar multiplications as well as general modular arithmetic (additions and multiplications) which are needed for the cryptographic protocols. As we work with large numbers, the register file is the most critical component in the architecture. By combining several techniques, we are able to reduce the number of registers from 9 to 6, resulting in an EC processor of 10.1 K gates. To obtain an efficient modulo arithmetic, we introduce a redundant modular operation. Moreover, the proposed architecture can support multiple cryptographic protocols. The synthesis results with a 0.13 μm CMOS technology show that the gate area of the most compact version is 12.5 K gates.


pervasive computing and communications | 2007

Public-Key Cryptography for RFID-Tags

Lejla Batina; Jorge Guajardo; Tim Kerins; Nele Mentens; Pim Tuyls; Ingrid Verbauwhede

RFID-tags are a new generation of bar-codes with added functionality. An emerging application is the use of RFID-tags for anti-counterfeiting by embedding them into a product. Public-key cryptography (PKC) offers an attractive solution to the counterfeiting problem but whether a public-key cryptosystem can be implemented on an RFID tag or not remains unclear. In this paper, we investigate which PKC-based identification protocols are useful for these anti-counterfeiting applications. We also discuss the feasibility of identification protocols based on elliptic curve cryptography (ECC) and show that it is feasible on RFID tags. Finally, we compare different implementation options and explore the cost that side-channel attack countermeasures would have on such implementations.


Journal of Cryptology | 2011

Mutual Information Analysis: a Comprehensive Study

Lejla Batina; Benedikt Gierlichs; Emmanuel Prouff; Matthieu Rivain; François-Xavier Standaert; Nicolas Veyrat-Charvillon

Mutual Information Analysis is a generic side-channel distinguisher that was introduced at CHES 2008. It aims to allow successful attacks requiring minimum assumptions and knowledge of the target device by the adversary. In this paper, we compile recent contributions and applications of MIA in a comprehensive study. From a theoretical point of view, we carefully discuss its statistical properties and relationship with probability density estimation tools. From a practical point of view, we apply MIA in two of the most investigated contexts for side-channel attacks. Namely, we consider first-order attacks against an unprotected implementation of the DES in a full custom IC and second-order attacks against a masked implementation of the DES in an 8-bit microcontroller. These experiments allow us to put forward the strengths and weaknesses of this new distinguisher and to compare it with standard power analysis attacks using the correlation coefficient.


security of ad hoc and sensor networks | 2006

Low-Cost elliptic curve cryptography for wireless sensor networks

Lejla Batina; Nele Mentens; Kazuo Sakiyama; Bart Preneel; Ingrid Verbauwhede

This work describes a low-cost Public-Key Cryptography (PKC) based solution for security services such as key-distribution and authentication as required for wireless sensor networks. We propose a custom hardware assisted approach to implement Elliptic Curve Cryptography (ECC) in order to obtain stronger cryptography as well as to minimize the power. Our compact and low-power ECC processor contains a Modular Arithmetic Logic Unit (MALU) for ECC field arithmetic. The best solution features 6718 gates for the MALU and control unit (data memory not included) in 0.13 μm CMOS technology over the field $\mathbb{F}_{2^{131}}$, which provides a reasonable level of security for the time being. In this case the consumed power is less than 30 μW when operating frequency is 500 kHz.


application specific systems architectures and processors | 2003

Hardware implementation of an elliptic curve processor over GF(p)

Sıddıka Berna Örs; Lejla Batina; Bart Preneel; Joos Vandewalle


the cryptographers track at the rsa conference | 2005

A systematic evaluation of compact hardware implementations for the rijndael s-box

Nele Mentens; Lejla Batina; Bart Preneel; Ingrid Verbauwhede


Integration | 2003

Hardware architectures for public key cryptography

Lejla Batina; Sıddıka Berna Örs; Bart Preneel; Joos Vandewalle

We describe a hardware implementation of an arithmetic processor which is efficient for bit-lengths suitable for both commonly used types of public key cryptography (PKC), i.e., elliptic curve (EC) and RSA cryptosystems. Montgomery modular multiplication in a systolic array architecture is used for modular multiplication. The processor consists of special operational blocks for Montgomery modular multiplication, modular addition/subtraction, EC point doubling/addition, modular multiplicative inversion, EC point multiplier, projective to affine coordinates conversion and Montgomery to normal representation conversion.


international conference on rfid | 2008

EC-RAC (ECDLP Based Randomized Access Control): Provably Secure RFID authentication protocol

Yong Ki Lee; Lejla Batina; Ingrid Verbauwhede

This work proposes a compact implementation of the AES S-box using composite field arithmetic in GF(((2^2)^2)^2). It describes a systematic exploration of different choices for the irreducible polynomials that generate the extension fields. It also examines all possible transformation matrices that map one field representation to another. We show that the area of Satoh's S-box, which is the most compact to our knowledge, is at least 5% away from an optimal solution. We implemented this optimal solution and Satoh's design using a 0.18 μm standard cell library.

Collaboration

Top Co-Authors

Ingrid Verbauwhede, Katholieke Universiteit Leuven

Bart Preneel, Katholieke Universiteit Leuven

Nele Mentens, Katholieke Universiteit Leuven

Stjepan Picek, Katholieke Universiteit Leuven

Benedikt Gierlichs, Katholieke Universiteit Leuven

Baris Ege, Radboud University Nijmegen

Junfeng Fan, Katholieke Universiteit Leuven

Kazuo Sakiyama, Katholieke Universiteit Leuven

Yong Ki Lee, University of California