short-paper

Filtering-based CPA: a successful side-channel attack against desynchronization countermeasures

Authors:
Karim M. Abdellatif

École Nationale Suprieure des Mines de Saint-Etienne, France and Minia University, Egypt

École Nationale Suprieure des Mines de Saint-Etienne, France and Minia University, Egypt
View Profile

,
Damien Couroussé

Univ. Grenoble Alpes, Grenoble, France and CEA, LIST, MINATEC Campus, Grenoble, France

Univ. Grenoble Alpes, Grenoble, France and CEA, LIST, MINATEC Campus, Grenoble, France
View Profile

,
Olivier Potin

École Nationale Suprieure des Mines de Saint-Etienne, France

École Nationale Suprieure des Mines de Saint-Etienne, France
View Profile

,
Philippe Jaillon

École Nationale Suprieure des Mines de Saint-Etienne, France

École Nationale Suprieure des Mines de Saint-Etienne, France
View Profile

CS2 '17: Proceedings of the Fourth Workshop on Cryptography and Security in Computing SystemsJanuary 2017Pages 29–32https://doi.org/10.1145/3031836.3031842

Published:24 January 2017Publication History

CS2 '17: Proceedings of the Fourth Workshop on Cryptography and Security in Computing Systems

Pages 29–32

ABSTRACT

Secure implementations against side channel attacks usually combine hiding and masking protections in software implementations. In this work, we focus on desynchronization protection which is considered as a hiding countermeasure. The idea of desynchronization is to obtain a non-predictable offset of the attacking point in terms of time dimension. For this purpose, we present exploiting pattern-recognition methods to filter interesting points for obtaining a successful side channel attack. Using this tool as a case study, we completely cancel the desynchronization effect of the CHES 2009/2010 countermeasure [2, 3]. Moreover, 25k traces are needed for a successful key recoveries in case of polymorphism-based countermeasure [4].

References

Agosta, G., Barenghi, A., and Pelosi, G. A code Morphing Methodology to Automate Power Analysis Countermeasures. In Proceedings of the 49th Annual Design Automation Conference (2012), ACM, pp. 77--82. Google ScholarDigital Library
Coron, J.-S., and Kizhvatov, I. An Efficient Method for Random Delay Generation in Embedded Software. In Cryptographic Hardware and Embedded Systems-CHES 2009. Springer, 2009, pp. 156--170. Google ScholarDigital Library
Coron, J.-S., and Kizhvatov, I. Analysis and Improvement of the Random Delay Countermeasure of CHES 2009. In International Workshop on Cryptographic Hardware and Embedded Systems (2010), Springer, pp. 95--109. Google ScholarDigital Library
Couroussé, D., Barry, T., Robisson, B., Jaillon, P., Potin, O., and Lanet, J.-L. Runtime Code Polymorphism as a Protection Against Side Channel Attacks. In IFIP International Conference on Information Security Theory and Practice (2016), Springer, pp. 136--152.Google ScholarCross Ref
Durvaux, F., Renauld, M., Standaert, F.-X., tot Oldenzeel, L. v. O., and Veyrat-Charvillon, N. Cryptanalysis of the CHES 2009/2010 Random Delay Countermeasure. IACR Cryptology ePrint Archive 2012 (2012), 38.Google Scholar
Heron, S. Advanced Encryption Standard (AES). Network Security 2009, 12 (2009), 8--12. Google ScholarDigital Library
Rivain, M., Prouff, E., and Doget, J. Higher-Order Masking and Shuffling for Software Implementations of Block Ciphers. In Cryptographic Hardware and Embedded Systems-CHES 2009. Springer, 2009, pp. 171--188. Google ScholarDigital Library
STmicroelectronics. UM0919 User Manual. http://www.st.com/content/ccc/resource/technical/document/user_manual/f3/16/fb/63/d6/3d/45/aa/CD00267113.pdf/files/CD00267113.pdf/jcr:content/translations/en.CD00267113.pdf.Google Scholar
Strobel, D., and Paar, C. An Efficient Method for Eliminating Random Delays in Power Traces of Embedded Software. In International Conference on Information Security and Cryptology (2011), Springer, pp. 48--60. Google ScholarDigital Library

Filtering-based CPA: a successful side-channel attack against desynchronization countermeasures
1. Social and professional topics
  1. Computing / technology policy

Recommendations

Hop-count filtering: an effective defense against spoofed DDoS traffic
CCS '03: Proceedings of the 10th ACM conference on Computer and communications security

IP spoofing has been exploited by Distributed Denial of Service (DDoS) attacks to (1) conceal flooding sources and localities in flooding traffic, and (2) coax legitimate hosts into becoming reflectors, redirecting and amplifying flooding traffic. Thus, ...
Read More
IP traceback-based intelligent packet filtering: a novel technique for defending against Internet DDoS attacks

Distributed Denial of Service (DDoS) is one of the most difficult security problems to address. While many existing techniques (e.g., IP traceback) focus on tracking the location of the attackers after-the-fact, little is done to mitigate the effect of ...
Read More
Region-based BGP announcement filtering for improved BGP security
ASIACCS '10: Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security

BGP prefix hijacking is a serious security threat on the Internet. In this paper we propose a region-based BGP announcement filtering scheme (RBF) to improve the BGP security. In contrast to existing solutions that indifferently prevent or detect prefix ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
CS2 '17: Proceedings of the Fourth Workshop on Cryptography and Security in Computing Systems
January 2017
39 pages
ISBN:9781450348690
DOI:10.1145/3031836
General Chairs:
Mats Brorsson
KTH Royal Institute of Technology, Sweden
,
Zhonghai Lu
KTH Royal Institute of Technology, Sweden
,
Program Chairs:
Giovanni Agosta
Politecnico di Milano, Italy
,
Alessandro Barenghi
Politecnico di Milano, Italy
,
Gerardo Pelosi
Politecnico di Milano, Italy
Copyright © 2017 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 24 January 2017
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Qualifiers
- short-paper
Conference

Acceptance Rates
CS2 '17 Paper Acceptance Rate4of11submissions,36%Overall Acceptance Rate27of91submissions,30%
More
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 9
  Total Citations
  View Citations
- 123
  Total Downloads
- Downloads (Last 12 months)16
- Downloads (Last 6 weeks)0
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Filtering-based CPA: a successful side-channel attack against desynchronization countermeasures

CS2 '17: Proceedings of the Fourth Workshop on Cryptography and Security in Computing Systems

ABSTRACT

References

Cited By

Recommendations

Hop-count filtering: an effective defense against spoofed DDoS traffic

IP traceback-based intelligent packet filtering: a novel technique for defending against Internet DDoS attacks

Region-based BGP announcement filtering for improved BGP security