Nikita Veshchikov

Semi-Supervised template attack

Side channel attacks take advantage of information leakages in cryptographic devices. Template attacks form a family of side channel attacks which is reputed to be extremely effective. This kind of attacks assumes that the attacker fully controls a cryptographic device before attacking a similar one. In this paper, we propose to relax this assumption by generalizing the template attack using a method based on a semi-supervised learning strategy. The effectiveness of our proposal is confirmed by software simulations, by experiments on a 8-bit microcontroller and by a comparison to a template attack as well as to two supervised machine learning methods.

SILK: high level of abstraction leakage simulator for side channel analysis

This paper proposes a new way of simulating leakage traces using high level of abstraction models and presents a proof of concept implementation simulator called SILK -- a tool for leakage simulation for side channel analysis of microcontrollers and microprocessors. SILK is a high level of abstraction simulator that builds a leakage trace based on a source code of an algorithm and several user-defined parameters. One of the main purposes of SILK is data generation for quick analysis of new attacks, countermeasures or preprocessing methods. SILK might also be used to compare different types of attacks, analysis techniques or software countermeasures. This paper presents general structure and parameters of SILK and a typical example of use case. Our experiments were done with two algorithms that run on a microcontroller in order to compare our simulations with real power traces. We compared simulated traces with real power traces using Dynamic Time Warping technique with two different distance metrics. We also compared our simulations with real power traces using Correlation Power Analysis (CPA). We were also able to show that using a high level of abstraction simulation we are able to produce datasets that might be used for side channel analysis.

Mind the Gap: Towards secure 1st-order masking in software

Cryptographic implementations are vulnerable to side-channel analysis. Implementors often opt for masking countermeasures to protect against these types of attacks. Masking countermeasures can ensure theoretical protection against value-based leakages. However, the practical effectiveness of masking is often halted by physical effects such as glitches and distance-based leakages, which violate the independent leakage assumption (ILA) and result in security order reductions. This paper aims to address this gap between masking theory and practice in the following threefold manner. First, we perform an in-depth investigation of the device-specific effects that invalidate ILA in the AVR microcontroller ATMega163. Second, we provide an automated tool, capable of detecting ILA violations in AVR assembly code. Last, we craft the first (to our knowledge) “hardened” 1st-order ISW-based, masked Sbox implementation, which is capable of resisting 1st-order, univariate side-channel attacks. Enforcing the ILA in the masked RECTANGLE Sbox requires 1319 clock cycles, i.e. a 15-fold increase compared to a naive 1st-order ISW-based implementation.

Quantifying Energy Consumption for Practical Fork-Join Parallelism on an Embedded Real-Time Operating System

In this work, we present the experimental assessment of a parallel framework that allows to reduce the energy consumption of MPSoC platforms running hard real-time systems. We use a power-aware Fork-Join task model based on primitives of the OpenMP library, a scheduling algorithm to execute such model and a schedulability test from the literature to ensure that all timing requirements are met while the energy consumption of the whole system is reduced. Practical experiments involving the deployment of OpenMP applications on a parallel embedded real-time operating system and power measurements on a MPSoC board through an oscilloscope probe show that intra-task parallelism helps to reduce the total energy consumption of the system in a realistic setting.

Comparing Sboxes of ciphers from the perspective of side-channel attacks

Side-channel attacks exploit physical characteristics of implementations of cryptographic algorithms in order to extract sensitive information such as the secret key. These physical attacks are among the most powerful attacks against real-world crypto-systems. This paper analyses the non-linear part (called Sboxes) of ciphers, which is often targeted by implementation attacks. We analyse Sboxes of several candidates that were submitted to the competition on authenticated encryption (CAESAR) as well as several other ciphers. We compare theoretical metrics with results from simulations and with real experiments. In this paper, we demonstrate that, in some contexts, the theoretical metrics provide no information on the resiliency of the Sboxes against side-channel attacks.

Start Simple and then Refine: Bias-Variance Decomposition as a Diagnosis Tool for Leakage Profiling

Evaluating the resistance of cryptosystems to side-channel attacks is an important research challenge. Profiled attacks reveal the degree of resilience of a cryptographic device when an adversary examines its physical characteristics. So far, evaluation laboratories launch several physical attacks (based on engineering intuitions) in order to find one strategy that eventually extracts secret information (such as a secret cryptographic key). The certification step represents a complex task because in practice the evaluators have tight memory and time constraints. In this paper, we propose a principled way of guiding the design of the most successful evaluation strategies thanks to the (bias-variance) decomposition of a security metric of profiled attacks. Our results show that we can successfully apply our framework on unprotected and protected algorithms implemented in software and hardware.

On the Construction of Side-Channel Attack Resilient S-boxes

Side-channel attacks exploit physical characteristics of implementations of cryptographic algorithms in order to extract sensitive information such as the secret key. These physical attacks are among the most powerful attacks against real-world crypto-systems. In recent years, there has been a number of proposals how to increase the resilience of ciphers against side-channel attacks. One class of proposals concentrates on the intrinsic resilience of ciphers and more precisely their S-boxes. A number of properties has been proposed such as the transparency order, the confusion coefficient and the modified transparency order. Although results with those properties confirm that they are (to some extent) related with the S-box resilience, there is still much to be investigated. There, the biggest drawback stems from the fact that even S-boxes with the best possible values of those properties have only slightly improved side-channel resistance. In this paper, we propose to construct small sized S-boxes based on the results of the measurements of the actual physical attacks. More precisely, we model our S-boxes to be as resilient as possible against non-profiled and profiled physical attacks. Our results highlight that we can design \(4\times 4\) and \(5\times 5\) S-boxes that possess increased resistance against various real-world attacks.

Implementation flaws in the masking scheme of DPA Contest v4

This study presents an implementation flaw in Differential Power Analysis Contest (DPA) Contest v4. This version of DPA Contest uses Advanced Encryption Standard (AES) protected against side-channel attacks using rotating s-box masking (RSM) countermeasure. The authors identify a flaw in the masking scheme that was used in this contest. More specifically, the problem lies in an unfortunate choice of values for masks. An unbalance in the masking scheme leads to a first order leakage. This vulnerability could be used in order to mount a first order side-channel attack against AES-RSM. The attack was implemented and tested on DPA Contest v4 reference traces. The authors also provide a way to avoid the newly discovered problem and suggest new values for masks.

Breaking Kalyna 128/128 with Power Attacks

In 2015, Kalyna has been chosen as the new Ukrainian standard block cipher. Kalyna is an AES-like block cipher with a non-invertible key schedule. In this paper we perform the first side-channel analysis of Kalyna by performing a CPA attack on the round keys of Kalyna 128/128. Our work is based on simulations and real experiments performed on a software implementation on a micro-controller. Our attack extracts the round keys with probability 0.96 using 250 measurements.