Unknown Plaintext Template Attacks
Authors
Abstract
In this paper we present a variation of the template attack classification process that can be applied to block ciphers when the plaintext and ciphertext used are unknown. In a naïve implementation this attack can be applied to any round of a block cipher. We also show that when a block cipher is implemented with the masking countermeasure a similar attack can be applied to the first round of the cipher. We demonstrate that the attack works in practice by applying it to implementations of AES on 8051 and ARM7 microprocessors. We also demonstrate that the attack can be applied to implementations of block ciphers that use the masking countermeasure when three points are selected from which templates are constructed, or two points if the plaintext can be guessed.
Similar resources
Side-Channel Analysis: Combining (Quantitative) Statistical Analysis with Engineer’s (Qualitative) Intuition
In the last decade side-channel cryptanalysis (timing attacks, power attacks, electromagnetic radiation attacks, cache-based attacks etc.) has become an important branch in cryptology. The goal of any side-channel attack is to extract key-dependent information from the leakage signal. For simplicity, we focus on power attacks in the following although our considerations could be adapted to radi...
Impossible plaintext cryptanalysis and probable-plaintext collision attacks of 64-bit block cipher modes
The block cipher modes of operation that are widely used (CBC, CTR, CFB) are secure up to the birthday bound; that is, if w2 or fewer bits of data are encrypted with a w-bit block cipher. However, the detailed security properties close to this bound are not widely appreciated, despite the fact that 64-bit block ciphers are sometimes used in that domain. This work addresses the issue by analyzin...
Attacks on Additive Encryption of Redundant Plaintext and Implications on Internet Security
We present and analyze attacks on additive stream ciphers that rely on linear equations that hold with non-trivial probability in plaintexts that are encrypted using distinct keys. These attacks extend Biham’s key collision attack and Hellman’s time memory tradeoff attack, and can be applied to any additive stream cipher. We define linear redundancy to characterize the vulnerability of a plaint...
Blind Attacks on Engineering Samples
In addition to its usual complexity assumptions, cryptography silently assumes that information can be physically protected in a single location. As we now know, real-life devices are not ideal and confidential information leaks through different physical channels. Whilst most aspects of side channel leakage (cryptophthora) are now well understood, no attacks on totally unknown algorithms are k...
Freestyle, a randomized version of ChaCha for resisting offline brute-force and dictionary attacks
This paper introduces Freestyle, a randomized and variable round version of the ChaCha cipher. Freestyle uses the concept of hash based halting condition where a decryption attempt with an incorrect key is likely to take longer time to halt. This makes Freestyle resistant to key-guessing attacks i.e. brute-force and dictionary based attacks. Freestyle demonstrates a novel approach for ciphertex...