Practical power analysis on KCipher-2 software on low-end microcontrollers

Wataru Kawai; Rei Ueno; Naofumi Homma; Takafumi Aoki; Kazuhide Fukushima; Shinsaku Kiyomoto

doi:10.1109/EuroSPW.2017.60

Practical power analysis on KCipher-2 software on low-end microcontrollers

Wataru Kawai, Rei Ueno, Naofumi Homma, Takafumi Aoki, Kazuhide Fukushima, Shinsaku Kiyomoto

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

2 Citations (Scopus)

Abstract

In this paper, we present a practical power-analysisbased attack on KCipher-2 software implemented on microcontrollers. The key idea of the proposed attack is to exploit aspecific Hamming weight (HW) leakage from low-end microcontrollers or to skip a specific part of the software sequence by a fault injection on low-end microcontrollers in addition toa conventional power analysis available for KCipher-2 hardware. The efficiency and validity of the proposed method are demonstrated through experiment on KCipher-2 software implemented on 8-bit AVR and 32-bit ARM microcontrollers. The proposed attack can reveal the entire 128-bit key of KCipher-2 within a realistic computation cost, while the conventionalattack does not. In this paper, we also present a compact countermeasure against the proposed attack on the basis of random masking techniques, which can be implemented on aresource-constrained microcontroller.

Original language	English
Title of host publication	Proceedings - 2nd IEEE European Symposium on Security and Privacy Workshops, EuroS and PW 2017
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	113-121
Number of pages	9
ISBN (Electronic)	9780769561073
DOIs	https://doi.org/10.1109/EuroSPW.2017.60
Publication status	Published - 2017 Jun 30
Event	2nd IEEE European Symposium on Security and Privacy Workshops, EuroS and PW 2017 - Paris, France Duration: 2017 Apr 29 → 2017 Apr 30

Publication series

Name	Proceedings - 2nd IEEE European Symposium on Security and Privacy Workshops, EuroS and PW 2017

Conference

Conference	2nd IEEE European Symposium on Security and Privacy Workshops, EuroS and PW 2017
Country/Territory	France
City	Paris
Period	17/4/29 → 17/4/30

Keywords

Fault injection attacks
KCipher-2 software
Masking countermeasures
Microcontroller
Side-channel attacks
Smart card

Access to Document

10.1109/EuroSPW.2017.60

Cite this

Kawai, W., Ueno, R., Homma, N., Aoki, T., Fukushima, K., & Kiyomoto, S. (2017). Practical power analysis on KCipher-2 software on low-end microcontrollers. In Proceedings - 2nd IEEE European Symposium on Security and Privacy Workshops, EuroS and PW 2017 (pp. 113-121). Article 7966980 (Proceedings - 2nd IEEE European Symposium on Security and Privacy Workshops, EuroS and PW 2017). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/EuroSPW.2017.60

Kawai, Wataru ; Ueno, Rei ; Homma, Naofumi et al. / Practical power analysis on KCipher-2 software on low-end microcontrollers. Proceedings - 2nd IEEE European Symposium on Security and Privacy Workshops, EuroS and PW 2017. Institute of Electrical and Electronics Engineers Inc., 2017. pp. 113-121 (Proceedings - 2nd IEEE European Symposium on Security and Privacy Workshops, EuroS and PW 2017).

@inproceedings{ef38dcd9f11a4d64a47f09c9f35a5a2c,

title = "Practical power analysis on KCipher-2 software on low-end microcontrollers",

abstract = "In this paper, we present a practical power-analysisbased attack on KCipher-2 software implemented on microcontrollers. The key idea of the proposed attack is to exploit aspecific Hamming weight (HW) leakage from low-end microcontrollers or to skip a specific part of the software sequence by a fault injection on low-end microcontrollers in addition toa conventional power analysis available for KCipher-2 hardware. The efficiency and validity of the proposed method are demonstrated through experiment on KCipher-2 software implemented on 8-bit AVR and 32-bit ARM microcontrollers. The proposed attack can reveal the entire 128-bit key of KCipher-2 within a realistic computation cost, while the conventionalattack does not. In this paper, we also present a compact countermeasure against the proposed attack on the basis of random masking techniques, which can be implemented on aresource-constrained microcontroller.",

keywords = "Fault injection attacks, KCipher-2 software, Masking countermeasures, Microcontroller, Side-channel attacks, Smart card",

author = "Wataru Kawai and Rei Ueno and Naofumi Homma and Takafumi Aoki and Kazuhide Fukushima and Shinsaku Kiyomoto",

note = "Publisher Copyright: {\textcopyright} 2017 IEEE.; 2nd IEEE European Symposium on Security and Privacy Workshops, EuroS and PW 2017 ; Conference date: 29-04-2017 Through 30-04-2017",

year = "2017",

month = jun,

day = "30",

doi = "10.1109/EuroSPW.2017.60",

language = "English",

series = "Proceedings - 2nd IEEE European Symposium on Security and Privacy Workshops, EuroS and PW 2017",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "113--121",

booktitle = "Proceedings - 2nd IEEE European Symposium on Security and Privacy Workshops, EuroS and PW 2017",

address = "United States",

}

Kawai, W, Ueno, R , Homma, N , Aoki, T, Fukushima, K & Kiyomoto, S 2017, Practical power analysis on KCipher-2 software on low-end microcontrollers. in Proceedings - 2nd IEEE European Symposium on Security and Privacy Workshops, EuroS and PW 2017., 7966980, Proceedings - 2nd IEEE European Symposium on Security and Privacy Workshops, EuroS and PW 2017, Institute of Electrical and Electronics Engineers Inc., pp. 113-121, 2nd IEEE European Symposium on Security and Privacy Workshops, EuroS and PW 2017, Paris, France, 17/4/29. https://doi.org/10.1109/EuroSPW.2017.60

Practical power analysis on KCipher-2 software on low-end microcontrollers. / Kawai, Wataru; Ueno, Rei ; Homma, Naofumi et al.
Proceedings - 2nd IEEE European Symposium on Security and Privacy Workshops, EuroS and PW 2017. Institute of Electrical and Electronics Engineers Inc., 2017. p. 113-121 7966980 (Proceedings - 2nd IEEE European Symposium on Security and Privacy Workshops, EuroS and PW 2017).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Practical power analysis on KCipher-2 software on low-end microcontrollers

AU - Kawai, Wataru

AU - Ueno, Rei

AU - Homma, Naofumi

AU - Aoki, Takafumi

AU - Fukushima, Kazuhide

AU - Kiyomoto, Shinsaku

PY - 2017/6/30

Y1 - 2017/6/30

N2 - In this paper, we present a practical power-analysisbased attack on KCipher-2 software implemented on microcontrollers. The key idea of the proposed attack is to exploit aspecific Hamming weight (HW) leakage from low-end microcontrollers or to skip a specific part of the software sequence by a fault injection on low-end microcontrollers in addition toa conventional power analysis available for KCipher-2 hardware. The efficiency and validity of the proposed method are demonstrated through experiment on KCipher-2 software implemented on 8-bit AVR and 32-bit ARM microcontrollers. The proposed attack can reveal the entire 128-bit key of KCipher-2 within a realistic computation cost, while the conventionalattack does not. In this paper, we also present a compact countermeasure against the proposed attack on the basis of random masking techniques, which can be implemented on aresource-constrained microcontroller.

AB - In this paper, we present a practical power-analysisbased attack on KCipher-2 software implemented on microcontrollers. The key idea of the proposed attack is to exploit aspecific Hamming weight (HW) leakage from low-end microcontrollers or to skip a specific part of the software sequence by a fault injection on low-end microcontrollers in addition toa conventional power analysis available for KCipher-2 hardware. The efficiency and validity of the proposed method are demonstrated through experiment on KCipher-2 software implemented on 8-bit AVR and 32-bit ARM microcontrollers. The proposed attack can reveal the entire 128-bit key of KCipher-2 within a realistic computation cost, while the conventionalattack does not. In this paper, we also present a compact countermeasure against the proposed attack on the basis of random masking techniques, which can be implemented on aresource-constrained microcontroller.

KW - Fault injection attacks

KW - KCipher-2 software

KW - Masking countermeasures

KW - Microcontroller

KW - Side-channel attacks

KW - Smart card

UR - http://www.scopus.com/inward/record.url?scp=85027710509&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85027710509&partnerID=8YFLogxK

U2 - 10.1109/EuroSPW.2017.60

DO - 10.1109/EuroSPW.2017.60

M3 - Conference contribution

AN - SCOPUS:85027710509

T3 - Proceedings - 2nd IEEE European Symposium on Security and Privacy Workshops, EuroS and PW 2017

SP - 113

EP - 121

BT - Proceedings - 2nd IEEE European Symposium on Security and Privacy Workshops, EuroS and PW 2017

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 2nd IEEE European Symposium on Security and Privacy Workshops, EuroS and PW 2017

Y2 - 29 April 2017 through 30 April 2017

ER -

Kawai W, Ueno R , Homma N , Aoki T, Fukushima K, Kiyomoto S. Practical power analysis on KCipher-2 software on low-end microcontrollers. In Proceedings - 2nd IEEE European Symposium on Security and Privacy Workshops, EuroS and PW 2017. Institute of Electrical and Electronics Engineers Inc. 2017. p. 113-121. 7966980. (Proceedings - 2nd IEEE European Symposium on Security and Privacy Workshops, EuroS and PW 2017). doi: 10.1109/EuroSPW.2017.60

Practical power analysis on KCipher-2 software on low-end microcontrollers

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this