Enhancing Cryptographic Code Against Side Channel Cryptanalysis With Aspects

Jérôme Dossogne, Stephane Fernandes Medeiros

Abstract

In this paper we introduce a new way to protect software implementations of cryptographic protocols against side-channel attacks (SCA) using aspect-oriented programming (AOP). For this purpose we implemented the RSA algorithm in Java and our aspects in AspectJ. We show how AOP can substantially harden cryptographic code against SCA with almost no negative side effects. Moreover, we present a new countermeasure against timing attacks that target the simple modular exponentiation technique. Our simulation performs a timing attack that recovers the Hamming weight of the secret key in an RSA cryptosystem; the success rate of the attack drops from 80% to 0% with our countermeasure.
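The abstract names the leak (the Hamming weight of the RSA private exponent) but not the mechanism behind it. The following Python is an added example, not the authors' Java/AspectJ code, and the countermeasure it shows (square-and-always-multiply) is a standard textbook technique, not necessarily the one the paper proposes. It models time by counting modular multiplications, which is exactly what simple square-and-multiply exposes: one squaring per exponent bit plus one extra multiply per set bit, so the operation count minus the bit length is the Hamming weight. The toy RSA parameters and exponent list are constructed for the demonstration.

```python
"""Added example: why plain square-and-multiply leaks HW(d), and one fix.

Time is modelled as the number of modular multiplications, which is the
quantity a simple timing attack on this algorithm keys on.  Real Python
big-integer arithmetic is NOT constant-time; this is a model of the leak,
not a hardened implementation.
"""


def modexp_leaky(base, exp, mod):
    """Left-to-right square-and-multiply.  Returns (result, multiplications).

    Every bit costs one squaring; every 1-bit costs one extra multiply, so
    multiplications == exp.bit_length() + HW(exp).  That dependence on the
    secret is the side channel.
    """
    result, ops = 1, 0
    for bit in bin(exp)[2:]:
        result = (result * result) % mod
        ops += 1
        if bit == "1":                      # secret-dependent branch
            result = (result * base) % mod
            ops += 1
    return result, ops


def modexp_always_multiply(base, exp, mod):
    """Square-and-always-multiply: the multiply is performed for every bit
    and its result is discarded on 0-bits, so multiplications == 2 * bit_length
    regardless of HW(exp).  Standard countermeasure, not the paper's aspect."""
    result, ops = 1, 0
    for bit in bin(exp)[2:]:
        result = (result * result) % mod
        candidate = (result * base) % mod   # always computed
        ops += 2
        result = candidate if bit == "1" else result
    return result, ops


def hamming_weight(x):
    return bin(x).count("1")


def infer_hw_from_ops(ops, bitlen):
    """Attacker model: knows the exponent's bit length (public key size) and
    assumes one extra operation per set bit."""
    return ops - bitlen


def attack_success_rate(modexp, exps, base, mod):
    """Fraction of exponents whose Hamming weight the attacker recovers
    exactly from the operation count produced by `modexp`."""
    hits = 0
    for e in exps:
        _, ops = modexp(base, e, mod)
        if infer_hw_from_ops(ops, e.bit_length()) == hamming_weight(e):
            hits += 1
    return hits / len(exps)


# Constructed toy RSA key (p=61, q=53): n=3233, e=17, d=2753.  Far too small
# for real use; chosen so the numbers are easy to follow.
N, E, D = 3233, 17, 2753
# Constructed exponents standing in for candidate private keys.
SAMPLE_EXPONENTS = [D, 1000, 777, 2048, 3000, 2]


def demo():
    msg = 65
    cipher = pow(msg, E, N)
    leaky_plain, leaky_ops = modexp_leaky(cipher, D, N)
    safe_plain, safe_ops = modexp_always_multiply(cipher, D, N)
    return {
        "leaky_ops": leaky_ops,
        "safe_ops": safe_ops,
        "hw_d": hamming_weight(D),
        "both_correct": leaky_plain == safe_plain == msg,
        "leaky_success": attack_success_rate(modexp_leaky, SAMPLE_EXPONENTS, cipher, N),
        "safe_success": attack_success_rate(modexp_always_multiply, SAMPLE_EXPONENTS, cipher, N),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

With the leaky routine the attacker's guess matches the true Hamming weight for every sampled exponent; with the always-multiply routine the count is a constant 2 * bit_length and the guess is wrong for every exponent that is not all ones. Two caveats a practitioner should keep in mind: the real attack described by Kocher works on timing variance across many messages rather than a clean operation count, and square-and-always-multiply, while it closes the simple timing/SPA channel, is known to open a safe-error fault channel (an attacker who faults the discarded multiply learns that the bit was 0), so hardening against one side channel must be checked against the others.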



Paper Citation


in Harvard Style

Dossogne J. and Fernandes Medeiros S. (2011). Enhancing Cryptographic Code Against Side Channel Cryptanalysis With Aspects. In Proceedings of the 8th International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2011) ISBN 978-989-8425-61-4, pages 39-48. DOI: 10.5220/0003573800390048


in Bibtex Style

@conference{wosis11,
author={Jérôme Dossogne and Stephane Fernandes Medeiros},
title={Enhancing Cryptographic Code Against Side Channel Cryptanalysis With Aspects},
booktitle={Proceedings of the 8th International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2011)},
year={2011},
pages={39-48},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0003573800390048},
isbn={978-989-8425-61-4},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 8th International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2011)
TI - Enhancing Cryptographic Code Against Side Channel Cryptanalysis With Aspects
SN - 978-989-8425-61-4
AU - Dossogne J.
AU - Fernandes Medeiros S.
PY - 2011
SP - 39
EP - 48
DO - 10.5220/0003573800390048