IJCNS Vol.1 No.1, February 2008
Efficient DPA Attacks on AES Hardware Implementations
Abstract: This paper presents an effective way to enhance power analysis attacks on AES hardware implementations. The proposed attack adopts the Hamming difference of intermediate results as its power model. It arranges plaintext inputs so as to differentiate power traces with maximal probability. A simulation-based AES ASIC implementation and an experimental platform are built, and various power attacks are conducted on our AES hardware implementation. Unlike on software implementations, conventional power attacks on hardware implementations may not succeed, or may require more computations. However, the method we propose effectively improves the success rate using an acceptable number of power traces and fewer computations. Furthermore, in the experimental data, the correlation factor between the Hamming distance of key guesses and the difference of DPA traces is 0.9233, which validates the power model and the attack results.
Cite this paper: HAN, Y., ZOU, X., LIU, Z. and CHEN, Y. (2008) Efficient DPA Attacks on AES Hardware Implementations. International Journal of Communications, Network and System Sciences, 1, 68-73. doi: 10.4236/ijcns.2008.11010.