High-resolution EM attacks against leakage-resilient PRFs Explained: And an improved construction

Florian Unterstein, Johann Heyszl, Fabrizio De Santis, Robert Specht, Georg Sigl

Research output: Chapter in Book/Report/Conference proceeding / Conference contribution / peer-review

7 Scopus citations

Abstract

Achieving side-channel resistance through Leakage Resilience (LR) is highly relevant for embedded devices, where the requirements of other countermeasures, such as high-quality random numbers, are hard to guarantee. The main challenge of LR lies in the initialization of a secret pseudorandom state from a long-term key and public input. Leakage-Resilient Pseudo-Random Functions (LR-PRFs) aim at solving this by bounding side-channel leakage to non-exploitable levels through frequent re-keying. Medwed et al. recently presented an improved construction at ASIACRYPT 2016 which uses “unknown inputs” in addition to limited data complexity and correlated algorithmic noise from parallel S-boxes. However, a subsequent investigation uncovered a vulnerability to high-precision EM analysis on FPGA. In this paper, we follow up on the reasons why such attacks succeed on FPGAs. We find that, in addition to the high spatial resolution, it is mainly the high temporal resolution which leads to the reduction of algorithmic noise from parallel S-boxes. While spatial resolution is less threatening for smaller technologies than the FPGA used, temporal resolution will likely remain an issue, since balancing the timing behavior of signals in the nanosecond range seems infeasible today. Nonetheless, we present an improvement of the ASIACRYPT 2016 construction to effectively protect against EM attacks with such high spatial and high temporal resolution. We carefully introduce additional key entropy into the LR-PRF construction to achieve a high remaining security level even when implemented on FPGAs. With this improvement, we finally achieve side-channel secure LR-PRFs in a practical and simple way under verifiable empirical assumptions.

Original language: English
Title of host publication: Topics in Cryptology – CT-RSA 2018 - The Cryptographers’ Track at the RSA Conference 2018, Proceedings
Editors: Nigel P. Smart
Publisher: Springer Verlag
Pages: 413-434
Number of pages: 22
ISBN (Print): 9783319769523
DOIs
State: Published - 2018
Event: International Conference on Cryptographers Track at the RSA Conference on Topics in Cryptology, CT-RSA 2018 - San Francisco, United States
Duration: 16 Apr 2018 to 20 Apr 2018

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 10808 LNCS
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349

Conference

Conference: International Conference on Cryptographers Track at the RSA Conference on Topics in Cryptology, CT-RSA 2018
Country/Territory: United States
City: San Francisco
Period: 16/04/18 to 20/04/18

Keywords

  • AES
  • Leakage-resilient cryptography
  • PRF
  • High-resolution localized EM attacks

