A Tale of Snakes and Horses: Amplifying Correlation Power Analysis on Quadratic Maps

IACR Transactions on Cryptographic Hardware and Embedded Systems Pub Date : 2023-12-04 DOI:10.46586/tches.v2024.i1.27-50

Anna Guinet, Georg Land, Ioan Gabriel Bucur, T. Güneysu

{"title":"A Tale of Snakes and Horses: Amplifying Correlation Power Analysis on Quadratic Maps","authors":"Anna Guinet, Georg Land, Ioan Gabriel Bucur, T. Güneysu","doi":"10.46586/tches.v2024.i1.27-50","DOIUrl":null,"url":null,"abstract":"We study the success probabilities of two variants of Correlation Power Analysis (CPA) to retrieve multiple secret bits. The target is a permutation-based symmetric cryptographic construction with a quadratic map as an S-box. More precisely, we focus on the nonlinear mapping X used in the Xoodoo and Keccak-p permutations, which is affine equivalent to the nonlinear mapping of Ascon. We thus consider three-bit and five-bit S-boxes. Our leakage model is the difference in power consumption of register cells before and after one round. It reflects that, >in hardware, the aforesaid cryptographic algorithms are usually implemented by deploying a round-based architecture. The power consumption difference depends on whether the targeted bits in the register flip. In particular, we describe two attacks based on the CPA methodology. First, we start with a standard CPA approach, for which, to the best of our knowledge, we are the first to point out the differences between attacking a three-bit and a five-bit S-box. For CPA, the highest correlation coefficient is the most likely secret hypothesis. We improve on this with our novel combined Correlation Power Analysis (combined CPA), or Snake attack, which uses quadratic map cryptanalysis (e.g., of the function X) to achieve a better attack in terms of the number of traces required and computational complexity. For the Snake attack, sums of absolute or squared values of correlation coefficients are used to determine the most likely guess. As a result, we effectively show that our proposed Snake attack can recover the secret in n22 (or n22+n) intermediate results, compared to 22n for the CPA, where n is the length of the targeted S-Box. We collected power measurements from a hardware setup to demonstrate practical attack success probabilities according to the rank of the correct secret hypothesis both for Xoodoo and Keccak-p. In addition, we explain our success probabilities thanks to the Henery model developed for horse races. In short, after performing 16,896 attacks, the Snake attack or combined CPA on Xoodoo consistently recovers the correct secret bits with each attack using 43,860 traces on average and with only 12 correlations, compared to 61,380 traces for the standard CPA attack with 64 correlations. The Snake attack requires about one-fifth as many correlation values as the standard CPA. For Keccak-p, the difference is more drastic: the Snake attack recovers the secret bits invariably after 771,600 traces with just 20 correlations. In contrast, the standard CPA attack operates on 1,024 correlations (about fifty times more than the Snake attack) and requires 1,223,400 traces.","PeriodicalId":321490,"journal":{"name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","volume":"7 7","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2023-12-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IACR Transactions on Cryptographic Hardware and Embedded Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.46586/tches.v2024.i1.27-50","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

We study the success probabilities of two variants of Correlation Power Analysis (CPA) to retrieve multiple secret bits. The target is a permutation-based symmetric cryptographic construction with a quadratic map as an S-box. More precisely, we focus on the nonlinear mapping X used in the Xoodoo and Keccak-p permutations, which is affine equivalent to the nonlinear mapping of Ascon. We thus consider three-bit and five-bit S-boxes. Our leakage model is the difference in power consumption of register cells before and after one round. It reflects that, >in hardware, the aforesaid cryptographic algorithms are usually implemented by deploying a round-based architecture. The power consumption difference depends on whether the targeted bits in the register flip. In particular, we describe two attacks based on the CPA methodology. First, we start with a standard CPA approach, for which, to the best of our knowledge, we are the first to point out the differences between attacking a three-bit and a five-bit S-box. For CPA, the highest correlation coefficient is the most likely secret hypothesis. We improve on this with our novel combined Correlation Power Analysis (combined CPA), or Snake attack, which uses quadratic map cryptanalysis (e.g., of the function X) to achieve a better attack in terms of the number of traces required and computational complexity. For the Snake attack, sums of absolute or squared values of correlation coefficients are used to determine the most likely guess. As a result, we effectively show that our proposed Snake attack can recover the secret in n22 (or n22+n) intermediate results, compared to 22n for the CPA, where n is the length of the targeted S-Box. We collected power measurements from a hardware setup to demonstrate practical attack success probabilities according to the rank of the correct secret hypothesis both for Xoodoo and Keccak-p. In addition, we explain our success probabilities thanks to the Henery model developed for horse races. In short, after performing 16,896 attacks, the Snake attack or combined CPA on Xoodoo consistently recovers the correct secret bits with each attack using 43,860 traces on average and with only 12 correlations, compared to 61,380 traces for the standard CPA attack with 64 correlations. The Snake attack requires about one-fifth as many correlation values as the standard CPA. For Keccak-p, the difference is more drastic: the Snake attack recovers the secret bits invariably after 771,600 traces with just 20 correlations. In contrast, the standard CPA attack operates on 1,024 correlations (about fifty times more than the Snake attack) and requires 1,223,400 traces.

查看原文本刊更多论文

蛇与马的故事：四元图上的放大相关功率分析

研究了两种相关幂分析方法检索多个秘密比特的成功概率。目标是一个基于置换的对称密码结构，以二次映射作为s盒。更准确地说，我们关注Xoodoo和Keccak-p置换中使用的非线性映射X，它是仿射等价于Ascon的非线性映射。因此，我们考虑3位和5位s盒。我们的泄漏模型是一轮前后寄存器单元的功耗差异。这反映了在硬件中，上述加密算法通常是通过部署基于轮的架构来实现的。功耗差异取决于寄存器中的目标位是否翻转。特别地，我们描述了基于CPA方法的两种攻击。首先，我们从标准的CPA方法开始，据我们所知，我们是第一个指出攻击3位和5位S-box之间差异的人。对于CPA，相关系数最高的是最有可能的秘密假设。我们通过新颖的组合相关功率分析(combined CPA)或Snake攻击来改进这一点，该攻击使用二次映射密码分析(例如，函数X)来实现所需跟踪数量和计算复杂性方面的更好攻击。对于Snake攻击，使用相关系数的绝对值或平方值的总和来确定最可能的猜测。因此，我们有效地证明了我们提出的Snake攻击可以在n22(或n22+n)个中间结果中恢复秘密，而CPA的中间结果为22n，其中n是目标S-Box的长度。我们从硬件设置中收集了功率测量值，以根据Xoodoo和Keccak-p的正确秘密假设的等级来演示实际的攻击成功概率。此外，我们解释了我们的成功概率，这要归功于为赛马开发的Henery模型。简而言之，在执行了16,896次攻击后，Snake攻击或Xoodoo的组合CPA攻击始终能够在每次攻击中恢复正确的密钥位，平均使用43,860条跟踪，只有12个相关性，而标准CPA攻击使用61,380条跟踪，具有64个相关性。Snake攻击需要的相关值大约是标准CPA的五分之一。对于Keccak-p来说，差异更大:Snake攻击总是在771,600条痕迹之后恢复秘密比特，只有20个相关性。相比之下，标准的CPA攻击操作1024个关联(大约是Snake攻击的50倍)，需要1,223,400个跟踪。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IACR Transactions on Cryptographic Hardware and Embedded Systems

自引率

0.00%

发文量