Online Template Attacks: Revisited
نویسندگان
چکیده
An online template attack (OTA) is a powerful technique previously used to elliptic curve scalar multiplication algorithms. This has only been analyzed in the realm of power consumption and EM side channels, where signals leak related value being processed. However, microarchitecture have no such feature, invalidating some assumptions from previous OTA works.In this paper, we revisit descriptions, proposing generic framework evaluation metrics for any side-channel signal. Our analysis reveals features not considered, increasing its application scenarios requiring fresh countermeasure prevent it.In regard, demonstrate that OTAs can work backward direction, allowing mount an augmented projective coordinates with respect proposal by Naccache, Smart Stern (Eurocrypt 2004). demonstrates randomizing initial targeted algorithm state does as believed works.We analyze three libraries libgcrypt, mbedTLS, wolfSSL using two channels. For libgcrypt case, target EdDSA implementation Curve25519 twist curve. We obtain similar results mbedTLS secp256r1. each library, execute extensive instances are able recover complete all cases single trace.This attacks also very scenario, recovering secret information without knowing leakage model. highlights importance developing secure-by-default implementations, instead fix-on-demand ones.
منابع مشابه
Template Attacks
We present template attacks, the strongest form of side channel attack possible in an information theoretic sense. These attacks can break implementations and countermeasures whose security is dependent on the assumption that an adversary cannot obtain more than one or a limited number of side channel samples. They require that an adversary has access to an identical experimental device that he...
متن کاملTemplate Attacks on ECDSA
Template attacks have been considered exclusively in the context of implementations of symmetric cryptographic algorithms on 8-bit devices. Within these scenarios, they have proven to be the most powerful attacks. This is not surprising because they assume the most powerful adversaries. In this article we investigate how template attacks can be applied to implementations of an asymmetric crypto...
متن کاملPractical Template Attacks
Side-channel attacks pose a serious threat to implementations of cryptographic algorithms. In the pioneering article of Chari, Rao and Rohatgi, the general idea behind template attacks was introduced. Template attacks apply advanced statistical methods and can break implementations secure against other forms of side-channel attacks. However, in our research it turned out that several details, w...
متن کاملUnknown Plaintext Template Attacks
In this paper we present a variation of the template attack classification process that can be applied to block ciphers when the plaintext and ciphertext used are unknown. In a näıve implementation this attack can be applied to any round of a block cipher. We also show that when a block cipher is implemented with the masking countermeasure a similar attack can be applied to the first round of t...
متن کاملEfficient Template Attacks
Template attacks remain a powerful side-channel technique to eavesdrop on tamper-resistant hardware. They model the probability distribution of leaking signals and noise to guide a search for secret data values. In practice, several numerical obstacles can arise when implementing such attacks with multivariate normal distributions. We propose efficient methods to avoid these. We also demonstrat...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: IACR transactions on cryptographic hardware and embedded systems
سال: 2021
ISSN: ['2569-2925']
DOI: https://doi.org/10.46586/tches.v2021.i3.28-59