Physical attacks on block ciphers
Date of Issue: 2016
School of Physical and Mathematical Sciences
The security of a cryptosystem is often compromised, not from a theoretical point of view, but by the leakage caused by the physical implementation of the cryptographic algorithm. A new class of attacks, called physical attacks, has shown the capability to exploit the unintentional physical behaviors of the cryptographic device, which usually provide enough information to recover the secret keys. Different methods have been proposed for conducting the attacks. Two of the main focuses of physical attacks are side-channel attacks and fault attacks.

For side-channel attacks, the strongest cryptanalysis can be carried out when the attacker can profile the targeted device. In profiling-based side-channel attacks, a model is constructed to characterize the leakage behavior of the device. Recently, machine learning algorithms have been proposed as alternatives to the classical profiling-based attacks. Machine learning and side-channel analysis are two different fields of study; however, they are similar in the sense that both mostly deal with the same problem (i.e., classification).

For fault attacks, the aim of the attacker is to disrupt the execution of cryptographic algorithms. Based on the erroneous results, it is possible to gain some additional information regarding the secret key. Many methods can be used to force a fault in the device; however, laser fault injection is still considered the preferred tool for injecting faults, due to its high precision and repeatability.

In this thesis, various aspects of physical attacks are covered, with an emphasis on block cipher implementations. Specifically, this thesis focuses on several topics:

- Using machine learning as a tool for profiling-based side-channel attacks. We first investigate different machine learning methods as alternatives to classical profiling-based attacks. Then, in the next work, machine learning is utilized for the construction of an accurate leakage model. Lastly, machine learning is used in combination with profiling side-channel attacks for the detection of hardware Trojans (malicious modifications in the device), which can also be extended to the scenario where there is no golden reference.
- Investigating theoretical fault attacks and their practicability. We first provide a theoretical fault attack on the LEA block cipher. Then, investigations and experiments are done to highlight the practicability of fault attacks, focusing on laser fault injections on smart cards.
DRNTU::Engineering::Computer science and engineering::Data::Data encryption