On A SCON and I SAP About Two Authenticated Encryption Schemes Christoph Dobraunig October 2018 Designed by: . Mendel, M. Schl¨ A SCON : C. Dobraunig, M. Eichlseder, F affer I SAP : C. Dobraunig, M. Eichlseder, S. Mangard, F . Mendel, T. Unterluggauer
www.iaik.tugraz.at Introduction to Authenticated Encryption 1 / 27
www.iaik.tugraz.at Interface K K N , A , C , T Alice Bob Encryption & Authentication E ( K , N , A , P ) → ( C , T ) Decryption & Verification D ( K , N , A , C , T ) → { P , ⊥} 2 / 27
www.iaik.tugraz.at Motivation Generic composition E.g., Encrypt-then-MAC Dedicated mode E.g., standards like GCM, CCM, OCB, . . . Which one to use? Can we do better? 3 / 27
www.iaik.tugraz.at Competitions AES, SHA-3, eStream... CAESAR: Competition for Authenticated Encryption – Security, Applicability, and Robustness http://competitions.cr.yp.to/caesar.html 57 submissions in 2014 7 finalists remaining One of them is A SCON 4 / 27
www.iaik.tugraz.at A SCON : A Finalist of CAESAR 5 / 27
www.iaik.tugraz.at A SCON – Mode P 1 C 1 P 2 C 2 P t C t 64 64 64 IV p 12 p 6 p 6 p 12 256 256 256 256 128 K � N T 0 ∗ � K K � 0 ∗ 1 K Processing Initialization Finalization Plaintext 6 / 27
www.iaik.tugraz.at A SCON – Permutation Iterative application of round function One round Constant addition Substitution layer Linear layer 7 / 27
www.iaik.tugraz.at A SCON – Round Substitution layer x 0 x 1 x 2 x 3 x 4 Linear layer x 0 x 1 x 1 x 2 x 3 x 4 8 / 27
www.iaik.tugraz.at A SCON – Round x 4 ⊕ ( x 4 ≫ 7) ⊕ ( x 4 ≫ 41) → x 4 x 4 x 4 x 3 ⊕ ( x 3 ≫ 10) ⊕ ( x 3 ≫ 17) → x 3 x 3 x 3 x 2 ⊕ ( x 2 ≫ 1) ⊕ ( x 2 ≫ 6) → x 2 x 2 x 2 x 1 ⊕ ( x 1 ≫ 61) ⊕ ( x 1 ≫ 39) → x 1 x 1 x 1 x 0 ⊕ ( x 0 ≫ 19) ⊕ ( x 0 ≫ 28) → x 0 x 0 x 0 S-box Linear transformation 9 / 27
www.iaik.tugraz.at A SCON – Benefits Simplicity Defined on 64-bit words Using bitwise Boolean functions Online and Single-Pass (duplex-based [BDPV12]) Bitsliced in Software Utilize 64-bit words Up to 5 instructions in parallel Bit interleaving [BDPVV12] for 32-bit processors Flexible in hardware Small area (2.5 kGE) to high speed (13.2 Gbps) [GWDE15] Balanced design E.g., lightweight devices communicate to back-end server 10 / 27
www.iaik.tugraz.at A SCON – Benefits Easy integration of side-channel countermeasures No look-up tables Low degree Sbox using K ECCAK ’s χ [BDPV11] as core Easy to mask, e.g., DOM implementations [GM18] Pipelined Parallel Protection Order GE Mbit/s GE Mbit/s 1 10 855 108 28 887 2246 2 16 186 108 52 995 1896 3 21 586 110 81 209 1903 4 27 124 71 118 264 1786 5 32 757 95 161 870 1868 . . . 13 81 194 70 725 994 1833 14 87 749 71 828 183 1439 15 94 235 50 926 332 1480 11 / 27
www.iaik.tugraz.at Simple Power Analysis (SPA) [KJJ99] Observe device processing the same or a few inputs Techniques directly interpreting measurements 12 / 27
www.iaik.tugraz.at Simple Power Analysis (SPA) [KJJ99] 0.2 0.15 0.1 0.05 Power Consumption 0 -0.05 -0.1 -0.15 -0.2 -0.25 0 2000 4000 6000 8000 10000 12000 14000 16000 Samples by Robert Primas 12 / 27
www.iaik.tugraz.at Differential Power Analysis (DPA) [KJJ99] Observe device processing many different inputs Allows for the use of statistical techniques 13 / 27
www.iaik.tugraz.at Differential Power Analysis (DPA) [KJJ99] 10 -3 12 10 8 6 Difference of Mean 4 2 0 -2 -4 -6 -8 0 2000 4000 6000 8000 10000 12000 14000 16000 Samples by Robert Primas 13 / 27
www.iaik.tugraz.at Masking and Threshold Implementations [NRR06] y x f 14 / 27
www.iaik.tugraz.at Masking and Threshold Implementations [NRR06] x 0 y 0 f 0 x 1 y 1 f 1 x 2 y 2 f 2 14 / 27
www.iaik.tugraz.at I SAP : Designed to Withstand Side-channel Attacks 15 / 27
www.iaik.tugraz.at I SAP Authenticated encryption scheme Following requirements of CAESAR call No assumptions on choice of the nonce Provides protection against DPA for: Encryption Decryption Solely based on sponges Limits the attack surface against SPA 16 / 27
www.iaik.tugraz.at Fresh Re-keying [MSGR10] N g g K K K ∗ K ∗ C E − 1 P E P Tag Reader 17 / 27
www.iaik.tugraz.at Fresh Re-keying [MPRRS11] N b N a g g K K K ∗ K ∗ C E − 1 P E P Party 1 Party 2 18 / 27
www.iaik.tugraz.at What About Storage? N g K Storage K ∗ C P E Device Encryption still fine Decryption causes problems 19 / 27
www.iaik.tugraz.at How to Protect Decryption? Solely rely on implementation countermeasures Makes re-keying for encryption kind of obsolete Limit to one decryption Keep track of the nonce Re-encrypt data Time consuming Damaging 20 / 27
www.iaik.tugraz.at Priciple of I SAP ’s Decryption “Bind” the session key to the data that is decrypted 21 / 27
www.iaik.tugraz.at Priciple of I SAP ’s Decryption “Bind” the session key to the data that is decrypted H N g g K K N � C MAC T C Dec P 21 / 27
www.iaik.tugraz.at Priciple of I SAP ’s Decryption “Bind” the session key to the data that is decrypted H N g g K K N � C MAC T C Dec P 21 / 27
www.iaik.tugraz.at I SAP ’s Authentication/Verification C 1 C t K A N y g IV p p p K ∗ A IV C 1 C t N T IV p p p p IV 22 / 27
www.iaik.tugraz.at I SAP ’s Authentication/Verification K A y K ∗ A g C 1 C t N T IV p p p p IV 22 / 27
www.iaik.tugraz.at I SAP ’s Authentication/Verification Use suffix MAC instead of hash-then-MAC N � IV 1 C 1 C t K A T y K ∗ A r 1 r 1 k g k k p a p a p a p a c 1 c 1 22 / 27
www.iaik.tugraz.at Absorbing the Key Idea: Reduce rate to a minimum [TS14] Related to the classical GGM construction [GGM86] y 1 y 2 y w K A � IV 2 K ∗ A r 2 r 2 r 2 k p c p c p b p b c 2 c 2 c 2 23 / 27
www.iaik.tugraz.at I SAP ’s En-/Decryption C 1 C v K E � IV 3 N 1 N u P 1 P v r 2 r 2 r 3 r 3 p c p c p c p c p b c 2 c 2 c 3 24 / 27
www.iaik.tugraz.at Sponges and Side-channel Leakage ℓ i ℓ i +1 r r p p c 25 / 27
www.iaik.tugraz.at Sponges and Side-channel Leakage ℓ i + ℓ i +1 ℓ i ℓ i +1 r r r r p p p p c c ′ c ′ = c − ( ℓ i + ℓ i + 1 ) 25 / 27
www.iaik.tugraz.at Properties AE scheme following requirements of CAESAR call Provides protection against DPA Encryption Decryption Two-pass Cannot turn protection off 26 / 27
www.iaik.tugraz.at Thank you 27 / 27
www.iaik.tugraz.at Bibliography I [BDPV11] G. Bertoni, J. Daemen, M. Peeters, and G. Van Assche The Keccak SHA-3 submission (Version 3.0) http://keccak.noekeon.org/Keccak-submission-3.pdf , 2011 [BDPV12] G. Bertoni, J. Daemen, M. Peeters, and G. Van Assche Duplexing the Sponge: Single-Pass Authenticated Encryption and Other Applications Selected Areas in Cryptography, SAC 2011 [BDPVV12] G. Bertoni, J. Daemen, M. Peeters, G. Van Assche, and R. Van Keer Keccak implementation overview https://keccak.team/files/Keccak-implementation- 3.2.pdf , 2012
www.iaik.tugraz.at Bibliography II [DEMMU17] C. Dobraunig, M. Eichlseder, S. Mangard, F. Mendel, and T. Unterluggauer ISAP – Towards Side-Channel Secure Authenticated Encryption IACR Transactions on Symmetric Cryptology 2017:1, 2017 [DEMS14] C. Dobraunig, M. Eichlseder, F. Mendel, and M. Schl¨ affer Ascon Submission to the CAESAR competition: http://competitions.cr.yp.to , 2014 [GGM86] O. Goldreich, S. Goldwasser, and S. Micali How to construct random functions J. ACM 33:4, 1986 [GM18] H. Groß and S. Mangard A unified masking approach J. Cryptographic Engineering 8:2, 2018
www.iaik.tugraz.at Bibliography III H. Groß, E. Wenger, C. Dobraunig, and C. Ehrenh¨ [GWDE15] ofer Suit up! - Made-to-Measure Hardware Implementations of ASCON DSD 2015 [KJJ99] P . C. Kocher, J. Jaffe, and B. Jun Differential Power Analysis CRYPTO ’99 [MPRRS11] M. Medwed, C. Petit, F . Regazzoni, M. Renauld, and F.-X. Standaert Fresh Re-keying II: Securing Multiple Parties against Side-Channel and Fault Attacks Smart Card Research and Advanced Applications, CARDIS 2011
www.iaik.tugraz.at Bibliography IV M. Medwed, F.-X. Standaert, J. Großsch¨ [MSGR10] adl, and F. Regazzoni Fresh Re-keying: Security against Side-Channel and Fault Attacks for Low-Cost Devices AFRICACRYPT 2010 [NRR06] S. Nikova, C. Rechberger, and V. Rijmen Threshold Implementations Against Side-Channel Attacks and Glitches Information and Communications Security, ICICS 2006 [TS14] M. M. I. Taha and P . Schaumont Side-channel countermeasure for SHA-3 at almost-zero area overhead HOST 2014
Recommend
More recommend
