CPA on COLM Authenticated Cipher and the Protection Using Domain-Oriented Masking

Abstract

Authenticated encryption schemes are important cryptographic primitives that received extensive attention recently. They can provide both confidentiality and authenticity services, simultaneously. Correlation power analysis (CPA) can be a thread for authenticated ciphers, similar to the any physical implementation of any other cryptographic scheme. In this paper, a three-step CPA attack against COLM, one of the winners of CAESAR, is presented to indicate its vulnerability. To validate this attack, COLM is implemented on the FPGA of the SAKURA-G board. A successful CPA attack with zero value power model is mounted by measuring and collecting 1,800 power traces. In addition, a protected hardware architecture for COLM is proposed to make this design secure against first-order CPA attacks, where a domain-oriented masking (DOM) scheme with two-input/output shares is used to protect it. To verify these countermeasures, we mount first and second-order CPA attacks and a non-specified t-test on the protected COLM. Keywords: Authenticated Cipher, COLM, CPA, DOM, Masking.