On the Vulnerability of Low Entropy Masking Schemes
نویسندگان
چکیده
Low Entropy Masking Schemes (LEMS) have been proposed to offer a reasonable tradeoff between the good protection against side-channel attacks offered by masking countermeasures and the high overhead that results from their implementation. Besides the limited analysis done in the original proposals of LEMS, their specific leakage characteristics have not yet been analyzed. This work explores the leakage behavior of these countermeasures and shows two different methods how the leakage can be exploited, even by generic univariate attacks. In particular, an attack that exploits specific properties of RSM for AES as well as a more generic attack making very little assumptions about the underlying LEMS are introduced. All attacks are practically verified by applying them to publicly available leakage samples of the RSM countermeasure.
منابع مشابه
CPA on COLM Authenticated Cipher and the Protection Using Domain-Oriented Masking
Authenticated encryption schemes are important cryptographic primitives that received extensive attention recently. They can provide both confidentiality and authenticity services, simultaneously. Correlation power analysis (CPA) can be a thread for authenticated ciphers, similar to the any physical implementation of any other cryptographic scheme. In this paper, a three-step CPA attack against...
متن کاملLow Entropy Masking Schemes, Revisited
Low Entropy Masking Schemes (LEMS) are a recent countermeasure against side-channel attacks. They aim at reducing the randomness requirements of masking schemes under certain (adversarial and implementation) conditions. Previous works have put forward the interest of this approach when such conditions are met. We complement these investigations by analyzing LEMS against adversaries and implemen...
متن کاملEntropy of Hybrid Censoring Schemes
A hybrid censoring scheme is a mixture of type I and type II censoring schemes. When $n$ items are placed on a life test, the experiment terminates under type I or type II hybrid censoring scheme if either a pre-fixed censoring time T or the rth (1<=r<=n is fixed) failure is first or later observed, respectively. In this paper, we investigate the decomposition of entropy in both hybrid cen...
متن کاملSome Results Based on Entropy Properties of Progressive Type-II Censored Data
In many life-testing and reliability studies, the experimenter might not always obtain complete information on failure times for all experimental units. One of the most common censoring schemes is progressive type-II censoring. The aim of this paper is characterizing the parent distributions based on Shannon entropy of progressive type-II censored order statistics. It is shown that the equality...
متن کاملImproved Extraction-Separation of Lanthanum/ Europium Ions by Bis(2-ethylhexyl)phosphoric Acid Using 12-Crown-4 as an Ion Selective Masking Agent
The extraction-separation of lanthanum and europium ions with bis(2-ethylhexyl) phosphoric acid (DEHPA) in cyclohexane was improved by adding 12-crown-4 (12C4) to the aqueous phase as a masking agent. In the presence of this crown ether the extraction curve of lanthanum ions versus pH shifts to the higher pH region, while the curve is not influenced for the europium ions. Consequently the s...
متن کامل