Protecting secret keys with table encoding against power analysis attacks

Abstract

Side channel attack exploits the fact that the implementations of cryptographic algorithms leak information about the secret key. Power analysis attack makes use of power consumption of the target device for leakage information with respect to secret data. Power analysis attack falls into two types: simple power analysis (SPA) and differential power analysis (DPA). In SPA, an attacker observes patterns of power consumption to find secret data or to locate a target operation. DPA attack hypothesizes the intermediate values of all key candidates and recovers the secret key with statistical process to the power consumption. One of the strong points of DPA is that it does not require any detailed information about the implementation to reveal the secret data. Masking is a widely used countermeasure to thwart the powerful DPA attacks. It makes the attacker fail to reveal secret data via randomizing intermediate values which are related to secret data in crypto implementation. A first-order masking which uses only one mask is vulnerable to a second-order DPA which exploits two intermediate values to cancel out the mask using arithmetic operations. To circumvent this second order DPA, a second-order masking is necessary, but it is sometimes hundreds of times slower than a straightforward implementation. This is the main reason this cannot be adopted in practical applications. In this thesis, we propose a new countermeasure scheme to resist power analysis attack. Our scheme randomizes all the intermediate values of a block cipher by encoding primitives of a cryptographic algorithm to lookup tables and makes the transformed implementation resistant to power analysis attack. We apply our scheme to well-known block cipher, HIGHT and AES. Our protected implementation of HIGHT takes only 1.79 times compared to the straightforward implementation, and it needs 25 Kbytes memory space to store lookup tables.