Towards a Software Approach to Mitigate Correlation Power Analysis

Ibraheem Frieslaar, Barry Irwin

2016

Abstract

In this research we present a novel implementation for a software countermeasure to mitigate Correlation Power Analysis (CPA). This countermeasure combines pseudo controlled-random dummy code and a task scheduler using multi threads to form dynamic power traces which obscures the occurrence of critical operations of the AES-128 algorithm. This work investigates the use of a task scheduler to generate noise at specific areas in the AES-128 algorithm to mitigate the CPA attack. The dynamic power traces have shown to be an effective contermeasure, as it obscures the CPA into predicting the incorrect secret key. Furthermore, the countermeasure is tested on an ATmega and an ATxmega microcontroller. The basic side channel analysis attack resistance has been increased and in both scenarios the proposed countermeasure has reduced the correlation accuracy and forced the CPA to predict the incorect key. The correlation accuracy decreased from 97.6% to 53.6% on the ATmega microntroller, and decreased from 82% to 51.4% on the ATxmega microcontroller.

References

  1. Blömer, J., Guajardo, J., and Krummel, V. (2004). Provably secure masking of AES. In Selected Areas in Cryptography, pages 69-83. Springer.
  2. Brier, E., Clavier, C., and Olivier, F. (2004). Correlation power analysis with a leakage model. In Cryptographic Hardware and Embedded Systems-CHES 2004, pages 16-29. Springer.
  3. Daemen, J. and Rijmen, V. (2002). The design of rijndael: AES. The Advanced Encryption Standard.
  4. Ferreyra, D. (2008). AVR development. http://www.bourbonstreetsoftware.com/AVRDevelop ment.html.
  5. Hoogvorst, P., Duc, G., and Danger, J.-L. (2011). Software implementation of dual-rail representation. COSADE, February, pages 24-25.
  6. Kocher, P., Jaffe, J., and Jun, B. (1999). Differential power analysis. In Advances in CryptologyCRYPTO99, pages 388-397. Springer.
  7. Kocher, P., Jaffe, J., Jun, B., and Rohatgi, P. (2011). Introduction to differential power analysis. Journal of Cryptographic Engineering, 1(1):5-27.
  8. Kunikowski, W., CzerwiÁski, E., Olejnik, P., and Awrejcewicz, J. (2015). An overview of ATmega AVR microcontrollers used in scientific research and industrial applications. Pomiary, Automatyka, Robotyka, 19.
  9. Mestiri, H., Benhadjyoussef, N., Machhout, M., and Tourki, R. (2013). A comparative study of power consumption models for CPA attack. International Journal of Computer Network and Information Security, 5(3):25.
  10. O'Flynn, C. and Chen, Z. (2012). A case study of sidechannel analysis using decoupling capacitor power measurement with the OpenADC. In Foundations and Practice of Security, pages 341-356. Springer.
  11. O'Flynn, C. and Chen, Z. D. (2014). Chipwhisperer: An open-source platform for hardware embedded security research. In Constructive Side-Channel Analysis and Secure Design, pages 243-260. Springer.
  12. O'Flynn, C. and Chen, Z. D. (2015). Side channel power analysis of an AES-256 bootloader. In Electrical and Computer Engineering (CCECE), 2015 IEEE 28th Canadian Conference on, pages 750-755. IEEE.
  13. Oswald, E. and Schramm, K. (2005). An efficient masking scheme for AES software implementations. In Information Security Applications, pages 292-305. Springer.
  14. RANDOM.ORG (2016). Introduction to randomness and random numbers. https://www.random.org/random ness/.
  15. Schramm, K., Leander, G., Felke, P., and Paar, C. (2004). A collision-attack on AES. In Cryptographic Hardware and Embedded Systems-CHES 2004, pages 163-175. Springer.
  16. Tillich, S. and Großschädl, J. (2007). Power analysis resistant AES implementation with instruction set extensions. Springer.
  17. Tillich, S., Herbst, C., and Mangard, S. (2007). Protecting AES software implementations on 32-bit processors against power analysis. In Applied Cryptography and Network Security, pages 141-157. Springer.
  18. Veyrat-Charvillon, N., Medwed, M., Kerckhof, S., and Standaert, F.-X. (2012). Shuffling against sidechannel attacks: A comprehensive study with cautionary note. In Advances in Cryptology-ASIACRYPT 2012, pages 740-757. Springer.
  19. ZTEX (2016). Spartan 6 LX9 to LX25 FPGA board. http://www.ztex.de/usb-fpga-1/usb-fpga-1.11.e.html.
Download


Paper Citation


in Harvard Style

Frieslaar I. and Irwin B. (2016). Towards a Software Approach to Mitigate Correlation Power Analysis . In Proceedings of the 13th International Joint Conference on e-Business and Telecommunications - Volume 4: SECRYPT, (ICETE 2016) ISBN 978-989-758-196-0, pages 403-410. DOI: 10.5220/0005955604030410


in Bibtex Style

@conference{secrypt16,
author={Ibraheem Frieslaar and Barry Irwin},
title={Towards a Software Approach to Mitigate Correlation Power Analysis},
booktitle={Proceedings of the 13th International Joint Conference on e-Business and Telecommunications - Volume 4: SECRYPT, (ICETE 2016)},
year={2016},
pages={403-410},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005955604030410},
isbn={978-989-758-196-0},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 13th International Joint Conference on e-Business and Telecommunications - Volume 4: SECRYPT, (ICETE 2016)
TI - Towards a Software Approach to Mitigate Correlation Power Analysis
SN - 978-989-758-196-0
AU - Frieslaar I.
AU - Irwin B.
PY - 2016
SP - 403
EP - 410
DO - 10.5220/0005955604030410