A Practical Chosen Message Power Analysis Approach against the Key Whitening Layers on the Loop Architecture

In practice, the key whitening layer is a commonly adopted structure in symmetric ciphers, and the loop architecture is widely applied in hardware implementation of these ciphers. Up to now, conventional DPA is hard to recover the key of such ciphers, since the key whitening layer hides the input (output) of the first (last) round from the plaintext (ciphertext). In this paper, we propose a practical chosen message power analysis approach against the loop architecture of ciphers with the key whitening layers. The starting point of the new approach is the delicate selection of the plaintext set in a chosen message manner, which decreases the space of the plaintext to a reasonable size within the ability of DPA. After choosing the plaintext, we can recover the whitening key through fully exploiting the intermediate variable which is mixed up with the round key and the whitening key. More precisely, we take the round key and the whitening key as a unity and recover it by the chosen message DPA, and then derive the whitening key according to the relationship between the whitening key and the unity. Finally, we can derive the master key from the whitening keys. In order to further manifest the validity of the new approach, we carry extensive experiments on two ISO standardized ciphers CLEFIA and Camellia implemented in loop architecture on FPGA, and the keys are recovered as expected.