Generación de falsas claves criptográficas como medida de protección frente a ataques por canal lateral
- Autores: Rubén Lumbiarres López
- Directores de la Tesis: Mariano López García (dir. tes.)
- Lectura: En la Universitat Politècnica de Catalunya (UPC) ( España ) en 2015
- Idioma: español
- Tribunal Calificador de la Tesis: Enrique Cantó (presid.), Raúl Sánchez Reillo (secret.), Eduardo Torre Arnanz (voc.)
- Programa de doctorado: Programa Oficial de Doctorado en Ingeniería Electrónica
- Materias:
- Enlaces
- Tesis en acceso abierto en: TDX
- Resumen
In the late 90s, Paul C. Kocher introduced the concept of differential attack focused on the power consumption of a cryptographic device. In this type of analysis the plain text sent to the device is known, and all possible hypotheses of a subset of the key, related to a specific point of the cryptographic algorithm, are tested. If the key value at that point depends only on 1 byte, it is possible to predict the input current based on a theoretical model of power consumption. Thus, using statistic procedures, it is easy to compare the consumption measured during the processing of each plain text and the intermediate values related to all the hypothesis of the key.The one with the highest level of similarity will correspond to the actual key. So far the countermeasures proposed to prevent the success of the attack can be classified into two groups: Masking and Hiding. Masking tries to decouple the processed data and the power consumption by adding a random mask which is unknown by the attacker. Therefore, it is impossible to make a hypothesis that allows the theoretical and the real power consumption of the device to be related. Although is a valid method, the key could be revealed by performing a second-order attack that analyzes several points of the current trace. Hiding aims at making constant the consumption of a device in each clock cycle and independent of the processed data. In order to achieve this objective, the data is processed in double line, in such a way that the datum and its complementary are processed together, so that the same number of transitions always occur on every clock cycle. The weakness of such a method lies on the impossibility of building identical CMOS cells, which causes a minimum difference of consumption between the two lines that can be used successfully to discover the key. This thesis proposes a countermeasure based on a differentiated protection strategy with respect to the proposals made in other specific studies. It is intended to modify the algorithm in order to force a very high correlation with a different hypothesis to the one of the true key (Faking). Thus, the actual key is hidden behind the strong correlation, which is impossible to differentiate from the rest of false assumptions and remains protected. To verify its performance a trial bank has been designed to launch consumption analysis attacks. We have implemented the algorithm AES due to its simplicity and strength. Two types of attacks have been carried out. In the first one, the analysis was performed using both the correlation and the mean difference analysis without including any countermeasure. In the second attack, the proposed countermeasure has been added and the attack was repeated to check its effectiveness. We have evaluated three different situations. First of all, the algorithm and the countermeasure are solved by software on a 32-bit processor. Secondly, the algorithm is executed in software and the implementation of the countermeasure has been performed with a specific hardware coprocessor. Finally, a full hardware implementation including both the algorithm and the countermeasure has been chosen.All of them have been implemented on a Virtex 5 FPGA Xilinx. Several conclusions are obtained from the comparison between each of the AES implementations without countermeasures and their respective solution with the added countermeasure. The obtained results are also compared to other which use "masking" and "hiding" techniques. The results demonstrate that the proposal is valid. In all three cases, the protected system behaves like the unprotected system but returning the false key after the attacks. It should be noted that the amount of resources needed to carry out the "Faking" is less than the "Masking" or "Hiding" and the time needed to process the plain text is not particularly affected.
