Single-trace fragment template attack on a 32-bit implementation of Keccak
Conference Name
20th Smart Card Research and Advanced Application Conference (CARDIS 2021)
Type
Conference Object
This Version
AM
Metadata
Citation
You, S., & Kuhn, M. Single-trace fragment template attack on a 32-bit implementation of Keccak. 20th Smart Card Research and Advanced Application Conference (CARDIS 2021). https://doi.org/10.17863/CAM.80962
Abstract
Template attacks model side-channel leakage information using Gaussian multivariate distributions. They have been quite successful in directly reconstructing individual bits of 8-bit parallel buses and registers from power traces. However, extending their use directly to larger word sizes, such as 32-bit buses, becomes impractical. Here we show that it is possible to use an LDA-based stochastic model to independently build templates for just byte fragments of such a word, to predict the exact values of its four member bytes, instead of only overall Hamming weights. We demonstrate this technique to reconstruct the arbitrary-length inputs of SHA3-512 and some other Keccak sponge functions implemented on a 32-bit Cortex-M4 device. The quality of these templates was high enough that remaining errors in their predictions could be eliminated via belief propagation on a factor-graph network (SASCA). In our experiments, we already reliably recovered SHA3-512 inputs up to 719 bytes long (10 invocations of the permutation), and reconstructing even longer inputs should be just a matter of making longer recordings.
Sponsorship
Cambridge Trust and the Ministry of Education, Taiwan
Identifiers
External DOI: https://doi.org/10.17863/CAM.80962
This record's URL: https://www.repository.cam.ac.uk/handle/1810/333542