An Improved Power Analysis Attack Against Camellia's Key Schedule
نویسندگان
چکیده
This paper presents an improved simple power analysis attack against the key schedule of Camellia. While the original attack required an exact determination of the Hamming weight of intermediate data values based on power measurements, in this paper, two variants of the simple power analysis attack are presented and shown to be tolerant of errors that might occur in the Hamming weight determinations. In practical applications of the attack such errors are likely to occur due to noise and distortion in the power measurements and their mapping to the Hamming weights of the data. Further, we propose a practical method to evaluate the susceptibility of other block ciphers to simple power analysis attacks. To resist these attacks, the required design rationale of key schedules and several practical countermeasures are suggested.
منابع مشابه
A simple power analysis attack against the key schedule of the Camellia block cipher
This paper presents a simple power analysis attack against the key schedule of Camellia. The attack works for the smart card environment which leaks the Hamming weight of data being processed, making use of the Hamming weight to deduce all key bits. It is shown that determining the cipher key given accurate power analysis data is very fast and does not require any pair of plaintext and ciphertext.
متن کاملBiclique Cryptanalysis of Block Ciphers LBlock and TWINE-80 with Practical Data Complexity
In the biclique attack, a shorter biclique usually results in less data complexity, but at the expense of more computational complexity. The early abort technique can be used in partial matching part of the biclique attack in order to slightly reduce the computations. In this paper, we make use of this technique, but instead of slight improvement in the computational complexity, we keep the amo...
متن کاملCombined Attacks on the AES Key Schedule
We present new combined attacks on the AES key schedule based on the work of Roche et al. [16]. The main drawbacks of the original attack are: the need for high repeatability of the fault, a very particular fault model and a very high complexity of the key recovery algorithm. We consider more practical fault models, we obtain improved key recovery algorithms and we present more attack paths for...
متن کاملTemplate Attacks with a Power Model
This article analyses some properties of the template attack. Examples come from attacks against an unprotected ASIC implementation of DES. The principal components analysis (PCA) is used to represent the templates in two dimensions. We give a physical interpretation of the templates PCA eigenvalues and eigenvectors. We show that the S-boxes are not the target of template attacks. We point out ...
متن کاملA Simple Power Analysis Attack on the Serpent Key Schedule
We describe an SPA attack on an 8-bit smart card implementation of the Serpent block cipher. Our attack uses measurements taken during an on-the-fly key expansion together with linearity in the cipher’s key schedule algorithm to drastically reduce the search time for an initial key. An implementation finds 256-bit keys in 3.736 ms on average. Our work shows that linearity in key schedule design...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2005 شماره
صفحات -
تاریخ انتشار 2005