Publication


Featured research published by Sebastian Kutzner.


international conference on information security and cryptology | 2013

Enabling 3-Share Threshold Implementations for all 4-Bit S-Boxes

Sebastian Kutzner; Phuong Ha Nguyen; Axel Poschmann

Threshold Implementation (TI) is an elegant and promising lightweight countermeasure for hardware implementations to resist first order Differential Power Analysis (DPA) in the presence of glitches. Unfortunately, in its most efficient version with only three shares, it can only be applied to 50 % of all 4-bit S-boxes so far. In this paper, we introduce a new approach, called factorization, that enables us to protect all 4-bit S-boxes with a 3-share TI. This allows—for the first time—to protect numerous important ciphers to which the 3-share TI countermeasure was previously not applicable, such as CLEFIA, DES, DESL, GOST, HUMMINGBIRD1, HUMMINGBIRD2, LUCIFER, mCrypton, SERPENT, TWINE, TWOFISH among others. We verify the security and correctness with experiments on simulations and real world power traces and finally provide exemplary decompositions of all those S-boxes.


international workshop constructive side-channel analysis and secure design | 2013

On 3-share threshold implementations for 4-bit s-boxes

Sebastian Kutzner; Phuong Ha Nguyen; Axel Poschmann; Huaxiong Wang

One of the most promising lightweight hardware countermeasures against SCA attacks is the so-called Threshold Implementation (TI) [12] countermeasure. In this work we discuss issues towards its applicability and introduce solutions to boost its implementation efficiency. In particular, our contribution is three-fold: first we introduce two methodologies to efficiently implement 3-share TI to a given S-box. Second, as an example, we successfully apply these methodologies to PRESENT and are able to decrease the area requirements of its protected S-box by 37-40%. Third, we present the first successful practical Mutual Information Attack on the original 3-share TI implementation of PRESENT and compare it with a correlation-enhanced collision attack using second-order moments.


Proceedings of the Workshop on Embedded Systems Security | 2013

Hardware trojan design and detection: a practical evaluation

Sebastian Kutzner; Axel Poschmann; Marc Stöttinger

Hardware Trojan design and detection have been extensively studied during the last years. In this work we investigate non-invasive detection methods utilizing so-called side-channel analysis. In the past, almost all proposed detection techniques have been evaluated based on simulations only and thus, the question remains how well they perform in practice. Therefore, we perform a practical evaluation of two previously published Trojan detection methods based on principal component analysis. We evaluate those methods on various designs of a complete functional lightweight hardware Trojan embedded in a PRESENT block cipher circuit. More precisely, we investigate how well the simulations match our practical results and reveal some shortcomings. Subsequently, we introduce a new detection method exploiting statistical properties of the probability distribution functions built from side-channel measurements and show that it is more robust to measurement noise than previously presented methods.


international workshop constructive side-channel analysis and secure design | 2014

On the Security of RSM - Presenting 5 First- and Second-Order Attacks

Sebastian Kutzner; Axel Poschmann

Lightweight cryptography and efficient implementations, including efficient countermeasures against side-channel analysis, are of great importance for embedded devices, and, consequently, a lot of progress has been done in this area in recent years. In 2012, the RSM masking scheme [15] was introduced as an efficient countermeasure against side-channel attacks on AES. RSM has no time penalty, only reasonable area overhead, uses only 4 bit of entropy, and is deemed to be secure against univariate first- and second-order attacks. In this paper we first review the original practical security evaluation and discuss some shortcomings. We then reveal a weakness in the set of masks used in RSM, i.e., we found that certain pairs of masks have a constant difference. This weakness is subsequently exploited to mount five different side-channel attacks against RSM: a univariate first-order CPA enabled by simple pre-processing and a variant of a first-order correlation-enhanced collision attack, both on a smart card implementation, and a univariate second-order CPA as well as two first- and second-order collision attacks against an FPGA implementation. All five attacks show how such a vulnerability in the mask set can undermine the security of the scheme and therefore highlight the importance of carefully choosing the masks.


international conference on selected areas in cryptography | 2012

Feasibility and Practicability of Standardized Cryptography on 4-bit Micro Controllers

Nisha Jacob; Sirote Saetang; Chien-Ning Chen; Sebastian Kutzner; San Ling; Axel Poschmann

Myriads of ultra-constrained 4-bit micro controllers (MCUs) are deployed in (mostly) legacy devices, some in security sensitive applications, such as remote access and control systems or all sorts of sensors. Yet the feasibility and practicability of standardized cryptography on 4-bit MCUs has been mostly neglected. In this work we close this gap and provide, to the best of our knowledge, the first implementations of ECC and SHA-1, and the fastest implementation of AES on a 4-bit MCU. Though it is not the main focus of this paper, we have investigated the SCA resistance trade-offs for ECC by implementing a variety of countermeasures. We hope that our comprehensive, highly energy-efficient crypto library—that even outperforms all previously published implementations on low-power 8-bit MCUs—will give rise to a variety of security functionalities, previously thought to be too demanding for these ultra-constrained devices.


international conference on cryptology in africa | 2014

Minimizing S-Boxes in Hardware by Utilizing Linear Transformations

Sebastian Kutzner; Phuong Ha Nguyen; Axel Poschmann; Marc Stöttinger

Countermeasures against side-channel analysis attacks are increasingly considered already during the design/implementation step of cryptographic algorithms for embedded devices. An important challenge is to reduce the overhead (area, time) introduced by the countermeasures, and, consequently, in the past years a lot of progress has been achieved in this direction. In this contribution we propose a further optimization of decomposing 4-bit S-boxes by exploiting affine transformations and a single shared quadratic permutation. Thereby many various S-boxes can be merged into one component and thus reduce the resource overhead. We applied our proposed scheme on a Threshold Implementation masked Present S-box and its inverse in order to construct a merged masked S-box, which can be used for both encryption and decryption. This design saves up to 24% resources on a Virtex-5 FPGA platform and up to 28% for an ASIC implementation compared to previously published designs. It is noteworthy to stress that our technique is not restricted to the TI countermeasure, but also allows to reduce the resource requirements of the non-linear layer of cryptographic algorithms with a set of different S-boxes, such as SERPENT or DES, amongst others.


international workshop on security | 2012

Standardized Signature Algorithms on Ultra-constrained 4-Bit MCU

Chien-Ning Chen; Nisha Jacob; Sebastian Kutzner; San Ling; Axel Poschmann; Sirote Saetang

In this work, we implement all three digital signature schemes specified in Digital Signature Standard (FIPS 186-3), including DSA and RSA (based on modular exponentiation) as well as ECDSA (based on elliptic curve point multiplication), on an ultra-constrained 4-bit MCU of the EPSON S1C63 family. Myriads of 4-bit MCUs are widely deployed in legacy devices, and some in security applications due to their ultra low-power consumption. However, public-key cryptography, especially digital signature, on 4-bit MCU is usually neglected and even regarded as infeasible. Our highly energy-efficient implementation can give rise to a variety of security functionalities for these ultra-constrained devices.


field-programmable technology | 2013

TROJANUS: An ultra-lightweight side-channel leakage generator for FPGAs

Sebastian Kutzner; Axel Poschmann; Marc Stöttinger


Archive | 2013

METHODS FOR DETERMINING A RESULT OF APPLYING A FUNCTION TO AN INPUT AND EVALUATION DEVICES

Axel Poschmann; Sebastian Kutzner; Ha Nguyen Phuong


IACR Cryptology ePrint Archive | 2012

Enabling 3-share Threshold Implementations for any 4-bit S-box.

Sebastian Kutzner; Phuong Ha Nguyen; Axel Poschmann

Collaboration


Top Co-Authors

Axel Poschmann

Nanyang Technological University

Phuong Ha Nguyen

Nanyang Technological University

Marc Stöttinger

Nanyang Technological University

Chien-Ning Chen

Nanyang Technological University

Huaxiong Wang

Nanyang Technological University

Nisha Jacob

Nanyang Technological University

San Ling

Nanyang Technological University

Sirote Saetang

Nanyang Technological University
