Special Issue "Side Channel and Fault Injection Attacks and Countermeasures"

A special issue of Cryptography (ISSN 2410-387X).

Deadline for manuscript submissions: closed (30 October 2020).

Special Issue Editors

Prof. Dr. Claude Carlet
E-Mail Website
Guest Editor
Department of Informatics, University of Bergen, N-5008 Bergen, Norway; Département de mathématiques, Université Paris 8, 93526 Saint-Denis, France
Interests: boolean functions; symmetric cryptography; error correcting codes
Dr. Pierrick Méaux
E-Mail Website
Guest Editor
Institue of Information and Communication Technologies, Electronics and Applied Mathematics, Université catholique de Louvain, 1348 Ottignies-Louvain-la-Neuve, Belgium
Interests: symmetric/asymmetric cryptography; fully homomorphic encryption; Boolean functions
Dr. Romain Poussier
E-Mail Website
Guest Editor
Nanyang Technological University, Temasek Laboratories, 50 Nanyang Drive, Research Techno Plaza, BorderX Block, 9th Storey, Singapour 637553
Interests: symmetric/asymmetric cryptography, side-channel attacks, micro-architectural attacks

Special Issue Information

Dear Colleagues,

Since the late ’90s, the security of cryptosystems has evolved from pure mathematical abstractions to practical physical concerns. Due to side-channel attacks and fault attacks, primitives that were secure from a theoretical point of view (in the black-box model where the adversary can only access to the inputs/outputs of algorithms) became insecure when implemented in practice. Such variety of attacks, targeting the execution timing, power consumption, or electromagnetic radiations for example, typically target small platforms such as microchips. With the current massive growth of embedded devices dealing with sensitive information from different fields (e.g. automotive, banking, medical, electronic-ID) and with the exponential increase in the number of connected devices from the Internet of Things, physical security has taken a central position in research.

This special issue focuses on the general topic of physical security in theory and in practice, from the design of state-of-the-art attacks, countermeasures, provable secure implementations and security evaluations. Areas of interest include:

  • Symmetric/asymmetric cryptography
  • Side-channel attacks
  • Fault attacks
  • Probing model and masking schemes
  • Software/Hardware countermeasures
  • Secure implementations
  • Security evaluation

Prof. Dr. Claude Carlet
Dr. Pierrick Méaux
Dr. Romain Poussier
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All papers will be peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Cryptography is an international peer-reviewed open access quarterly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • Cryptography
  • Side-channel attacks
  • Fault attacks
  • Probing model
  • Countermeasures
  • Physical security
  • Embedded devices

Published Papers (4 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

Jump to: Review

Open AccessArticle
How Bad Are Bad Templates? Optimistic Design-Stage Side-Channel Security Evaluation and its Cost
Cryptography 2020, 4(4), 36; https://0-doi-org.brum.beds.ac.uk/10.3390/cryptography4040036 - 08 Dec 2020
Viewed by 766
Abstract
Cryptographic designs are vulnerable to side-channel analysis attacks. Evaluating their security during design stages is of crucial importance. The latter is achieved by very expensive (slow) analog transient-noise simulations over advanced fabrication process technologies. The main challenge of such rigorous security-evaluation analysis lies [...] Read more.
Cryptographic designs are vulnerable to side-channel analysis attacks. Evaluating their security during design stages is of crucial importance. The latter is achieved by very expensive (slow) analog transient-noise simulations over advanced fabrication process technologies. The main challenge of such rigorous security-evaluation analysis lies in the fact that technologies are becoming more and more complex and the physical properties of manufactured devices vary significantly due to process variations. In turn, a detailed security evaluation process imposes exponential time complexity with the circuit-size, the number of physical implementation corners (statistical variations) and the accuracy of the circuit-simulator. Given these circumstances, what is the cost of not exhausting the entire implementation space? In terms of simulation-time complexity, the benefits would clearly be significant; however, we are interested in evaluating the security implications. This question can be formulated for many other interesting side-channel contexts such as for example, how would an attack-outcome vary when the adversary is building a leakage template over one device, i.e., one physical corner, and it performs an evaluation (attack) phase of a device drawn from a different statistical corner? Alternatively, is it safe to assume that a typical (average) corner would represent the worst case in terms of security evaluation or would it be advisable to perform a security evaluation over another specific view? Finally, how would the outcome vary concretely? We ran in-depth experiments to answer these questions in the hope of finding a nice tradeoff between simulation efforts and expertise, and security-evaluation degradation. We evaluate the results utilizing methodologies such as template-attacks with a clear distinction between profiling and attack-phase statistical views. This exemplary view of what an adversary might capture in these scenarios is followed by a more complete statistical evaluation analysis utilizing tools such as the Kullback–Leibler (KL) divergence and the Jensen-Shannon (JS) divergence to draw conclusions. Full article
(This article belongs to the Special Issue Side Channel and Fault Injection Attacks and Countermeasures)
Show Figures

Figure 1

Open AccessArticle
Side-Channel Evaluation Methodology on Software
Cryptography 2020, 4(4), 27; https://0-doi-org.brum.beds.ac.uk/10.3390/cryptography4040027 - 25 Sep 2020
Viewed by 1190
Abstract
Cryptographic implementations need to be robust amidst the widespread use of crypto-libraries and attacks targeting their implementation, such as side-channel attacks (SCA). Many certification schemes, such as Common Criteria and FIPS 140, continue without addressing side-channel flaws. Research works mostly tackle sophisticated attacks [...] Read more.
Cryptographic implementations need to be robust amidst the widespread use of crypto-libraries and attacks targeting their implementation, such as side-channel attacks (SCA). Many certification schemes, such as Common Criteria and FIPS 140, continue without addressing side-channel flaws. Research works mostly tackle sophisticated attacks with simple use-cases, which is not the reality where end-to-end evaluation is not trivial. In this study we used all due diligence to assess the invulnerability of a given implementation from the shoes of an evaluator. In this work we underline that there are two kinds of SCA: horizontal and vertical. In terms of quotation, measurement and exploitation, horizontal SCA is easier. If traces are constant-time, then vertical attacks become convenient, since there is no need for specific alignment (“value based analysis”). We introduce our new methodology: Vary the key to select sensitive samples, where the values depend upon the key, and subsequently vary the mask to uncover unmasked key-dependent leakage, i.e., the flaws. This can be done in the source code (pre-silicon) for the designer or on the actual traces (post-silicon) for the test-lab. We also propose a methodology for quotations regarding SCA unlike standards that focus on only one aspect (like number of traces) and forgets about other aspects (such as equipment; cf. ISO/IEC 20085-1. Full article
(This article belongs to the Special Issue Side Channel and Fault Injection Attacks and Countermeasures)
Show Figures

Figure 1

Open AccessArticle
Hardware Performance Evaluation of Authenticated Encryption SAEAES with Threshold Implementation
Cryptography 2020, 4(3), 23; https://0-doi-org.brum.beds.ac.uk/10.3390/cryptography4030023 - 09 Aug 2020
Viewed by 1388
Abstract
SAEAES is the authenticated encryption algorithm instantiated by combining the SAEB mode of operation with AES, and a candidate of the NIST’s lightweight cryptography competition. Using AES gives the advantage of backward compatibility with the existing accelerators and coprocessors that the industry has [...] Read more.
SAEAES is the authenticated encryption algorithm instantiated by combining the SAEB mode of operation with AES, and a candidate of the NIST’s lightweight cryptography competition. Using AES gives the advantage of backward compatibility with the existing accelerators and coprocessors that the industry has invested in so far. Still, the newer lightweight block cipher (e.g., GIFT) outperforms AES in compact implementation, especially with the side-channel attack countermeasure such as threshold implementation. This paper aims to implement the first threshold implementation of SAEAES and evaluate the cost we are trading with the backward compatibility. We design a new circuit architecture using the column-oriented serialization based on the recent 3-share and uniform threshold implementation (TI) of the AES S-box based on the generalized changing of the guards. Our design uses 18,288 GE with AES’s occupation reaching 97% of the total area. Meanwhile, the circuit area is roughly three times the conventional SAEB-GIFT implementation (6229 GE) because of a large memory size needed for the AES’s non-linear key schedule and the extended states for satisfying uniformity in TI. Full article
(This article belongs to the Special Issue Side Channel and Fault Injection Attacks and Countermeasures)
Show Figures

Figure 1

Review

Jump to: Research

Open AccessReview
Power Side-Channel Attack Analysis: A Review of 20 Years of Study for the Layman
Cryptography 2020, 4(2), 15; https://0-doi-org.brum.beds.ac.uk/10.3390/cryptography4020015 - 19 May 2020
Cited by 1 | Viewed by 2372
Abstract
Physical cryptographic implementations are vulnerable to so-called side-channel attacks, in which sensitive information can be recovered by analyzing physical phenomena of a device during operation. In this survey, we trace the development of power side-channel analysis of cryptographic implementations over the last twenty [...] Read more.
Physical cryptographic implementations are vulnerable to so-called side-channel attacks, in which sensitive information can be recovered by analyzing physical phenomena of a device during operation. In this survey, we trace the development of power side-channel analysis of cryptographic implementations over the last twenty years. We provide a foundation by exploring, in depth, several concepts, such as Simple Power Analysis (SPA), Differential Power Analysis (DPA), Template Attacks (TA), Correlation Power Analysis (CPA), Mutual Information Analysis (MIA), and Test Vector Leakage Assessment (TVLA), as well as the theories that underpin them. Our introduction, review, presentation, and survey of topics are provided for the “non expert”, and are ideal for new researchers entering this field. We conclude the work with a brief introduction to the use of test statistics (specifically Welch’s t-test and Pearson’s chi-squared test) as a measure of confidence that a device is leaking secrets through a side-channel and issue a challenge for further exploration. Full article
(This article belongs to the Special Issue Side Channel and Fault Injection Attacks and Countermeasures)
Show Figures

Figure 1

Back to TopTop