
Cryptographic Hardware and Embedded Systems - CHES 2016
Description
This book constitutes the proceedings of the 18th International Conference on Cryptographic Hardware and Embedded Systems, CHES 2016, held in Santa Barbara, CA, USA, in August 2016.
The 30 full papers presented in this volume were carefully reviewed and selected from 148 submissions. They were organized in topical sections named: side channel analysis; automotive security; invasive attacks; side channel countermeasures; new directions; software implementations; cache attacks; physical unclonable functions; hardware implementations; and fault attacks.

Content
- Intro
- Preface
- CHES 2016
- Contents
- Side Channel Analysis
- Correlated Extra-Reductions Defeat Blinded Regular Exponentiation
- 1 Introduction
- 2 State of the Art of Extra-Reductions Probabilities
- 2.1 Montgomery Modular Multiplication: Definitions and Notations
- 2.2 A Bias to Differentiate a Multiply from a Square
- 3 A Bias to Test the Dependency of Operations
- 3.1 Principle of Correlated Extra-Reductions
- 3.2 Methodology to Analyze the Bias
- 3.3 Mathematical Derivations
- 4 Exploiting the Bias Using Our Attack
- 5 Experimental Results
- 5.1 Simulations
- 5.2 Experimental Detection of Extra-Reductions
- 5.3 Conclusions on Experiments
- 6 Conclusion
- A Analysis of Extra-Reduction in OpenSSL and MbedTLS Source Codes
- References
- Horizontal Side-Channel Attacks and Countermeasures on the ISW Masking Scheme
- 1 Introduction
- 2 Preliminaries
- 3 Secure Multiplication Schemes
- 4 Horizontal DPA Attack
- 4.1 Problem Description
- 4.2 Complexity Lower Bound: Entropy Analysis of Noisy Hamming Weight Leakage
- 4.3 Attack with Perfect Hamming Weight Observations
- 4.4 Maximum Likelihood Attack: Theoretical Attack with the Full ISW State
- 5 First Attack: Maximum Likelihood Attack on a Single Matrix Row
- 5.1 Attack Description
- 5.2 Complexity Analysis
- 5.3 Numerical Experiments
- 6 Second Attack: Iterative Attack
- 6.1 Attack Description
- 6.2 Numerical Experiments
- 7 Practical Results
- 8 A Countermeasure Against the Previous Attacks
- 8.1 Description
- 8.2 Security Analysis
- A Proof of Lemma 2
- References
- Towards Easy Leakage Certification
- 1 Introduction
- 2 Background
- 2.1 Measurement Setup
- 2.2 PDF Estimation Methods
- 2.3 Evaluation Metrics
- 2.4 Estimating a Metric with Cross-validation
- 3 A Motivating Negative Result
- 4 A New Method to Detect Assumption Errors
- 4.1 Test Specification
- 5 Simulated Experiments
- 6 Software Experiments
- 7 Quantifying the Information Loss
- 8 Open Source Code
- 9 Hardware Experiments
- 10 Conclusion
- References
- Simple Key Enumeration (and Rank Estimation) Using Histograms: An Integrated Approach
- 1 Introduction
- 2 Background
- 2.1 Algorithms Inputs
- 2.2 Preprocessing
- 2.3 Toolbox
- 3 Enumeration Algorithm
- 4 Open Source Code
- 5 Performance Evaluations
- 5.1 Enumeration Accuracy
- 5.2 Factorization
- 5.3 Time Complexity
- 6 Application Scenarios
- 7 Related Work
- 8 Conclusion
- A Additional Time Complexities
- References
- Automotive Security
- Physical Layer Group Key Agreement for Automotive Controller Area Networks
- 1 Introduction
- 1.1 Our Contributions
- 1.2 Related Work
- 1.3 Organization
- 2 Preliminaries
- 2.1 Notation
- 2.2 System Model and Assumptions
- 2.3 Adversarial Model
- 2.4 Cryptographic Assumptions
- 2.5 Security Definition
- 3 Two Party Plug-and-Secure (PnS) Protocol
- 4 Group Key Agreement Schemes
- 4.1 Simple Group Protocol
- 4.2 Tree Based Group Protocol
- 5 Authenticated Group Key Agreement Schemes
- 5.1 Authenticated Tree Based Protocol
- 5.2 Authenticated Linear Group Protocol
- 6 Discussion
- 6.1 Security Properties
- 6.2 Performance
- 6.3 Conclusion
- References
- vatiCAN - Vetted, Authenticated CAN Bus
- 1 Introduction
- 2 Background
- 3 Design
- 3.1 Problem Statement
- 3.2 Threat Model
- 3.3 High Level Concept
- 3.4 Replay Attacks (C6)
- 4 Implementation
- 4.1 Hardware Platform
- 4.2 Secure Message Selection
- 4.3 Software Architecture
- 5 Performance Evaluation
- 5.1 Bus Congestion
- 5.2 Memory Footprint
- 6 Security Evaluation
- 7 Related Work
- 8 Limitations and Future Work
- 9 Conclusion
- A Availability
- B VW Passat B6 CAN Messages
- References
- Invasive Attacks
- Mitigating SAT Attack on Logic Locking
- 1 Introduction
- 2 Background: SAT Attack
- 2.1 Attack Model
- 2.2 Attack Insight
- 2.3 Attack Algorithm
- 3 Efficiency Analysis of SAT Attack
- 4 Anti-SAT Block Design
- 4.1 Construction of Anti-SAT Block
- 4.2 SAT Attack Complexity Analysis
- 4.3 Anti-SAT Block Location
- 4.4 Anti-SAT Block Obfuscation
- 5 Experiments and Results
- 5.1 Anti-SAT Block Design
- 5.2 Anti-SAT Block Application
- 5.3 Anti-SAT Obfuscation
- 5.4 Performance Overhead of the Anti-SAT Block
- 6 Conclusion
- References
- No Place to Hide: Contactless Probing of Secret Data on FPGAs
- 1 Introduction
- 2 Background
- 2.1 FPGA Security During Configuration
- 2.2 Current PUF Implementations
- 2.3 Laser Voltage Probing and Laser Voltage Imaging
- 3 Attack Scenario
- 3.1 Key Extraction
- 3.2 RO PUF Characterization
- 4 Setup
- 4.1 Device Under Test
- 4.2 PoC FPGA Implementation
- 4.3 Measurement Setup
- 5 Results
- 5.1 Key Extraction
- 5.2 RO Characterization
- 6 Discussion
- 6.1 Locating the Registers and IP Cores on the Chip
- 6.2 Feasibility and Scalability of the Attack
- 6.3 Tamper Evidence
- 6.4 Countermeasures
- 7 Conclusion
- References
- Side Channel Countermeasures I
- Strong 8-bit Sboxes with Efficient Masking in Hardware
- 1 Introduction
- 2 Preliminaries
- 2.1 Cryptanalytic Properties for Sboxes
- 2.2 Construction of 8-Bit Sboxes
- 2.3 Threshold Implementations
- 2.4 Design Architectures
- 3 Threshold Implementation of Known 8-bit Sboxes
- 4 Finding TI-Compliant 8-bit Sboxes
- 4.1 Feistel-Construction
- 4.2 SPN-Construction with Bit-Permutations as the Linear Layer
- 4.3 SPN-Construction with F16-linear Layers only
- 5 Results
- 5.1 Selected Sboxes
- 5.2 Comparison
- 6 Conclusion and Future Work
- References
- Masking AES with d+1 Shares in Hardware
- 1 Introduction
- 1.1 Related Work
- 1.2 Contribution
- 2 Preliminaries
- 2.1 Notation
- 2.2 Consolidated Masking Scheme
- 3 Masking AES with d+1 Shares
- 3.1 Second-Order TI of the AES S-box with 3 Shares
- 3.2 First-Order TI of the AES S-Box with 2 Shares
- 4 Side-Channel Analysis Evaluation
- 4.1 Experimental Setup
- 4.2 Methodology
- 4.3 First-Order TI of AES
- 4.4 Second-Order TI of AES
- 5 Implementation Cost
- 6 Conclusion
- References
- New Directions
- Differential Computation Analysis: Hiding Your White-Box Designs is Not Enough
- 1 Introduction
- 2 Overview of White-Box Cryptography Techniques
- 2.1 White-Box Results
- 2.2 Prerequisites of Existing Attacks
- 3 Differential Power Analysis
- 4 Software Execution Traces
- 5 Analyzing Publicly Available White-Box Implementations
- 5.1 The Wyseur Challenge
- 5.2 The Hack.lu 2009 Challenge
- 5.3 The SSTIC 2012 Challenge
- 5.4 A White-Box Implementation of the Karroumi Approach
- 5.5 The NoSuchCon 2013 Challenge
- 6 Countermeasures Against DCA
- 7 Conclusions and Future Work
- References
- Antikernel: A Decentralized Secure Hardware-Software Operating System Architecture
- 1 Introduction
- 2 Related Work
- 2.1 Security Agnostic Hardware Accelerations
- 2.2 Security-Focused Designs
- 3 Antikernel Network Architecture
- 3.1 Remote Procedure Call (RPC)
- 3.2 Direct Memory Access (DMA)
- 4 Memory Management
- 5 SARATOGA Processor and Threading
- 5.1 Thread Scheduler
- 5.2 Execution Units
- 5.3 L1 Cache
- 5.4 MMU
- 5.5 RPC Network Interface
- 5.6 ELF Loader with Code Signature Checking
- 5.7 Remote Attestation
- 6 Security Analysis
- 6.1 Threat Model
- 6.2 Methodology and Goals
- 6.3 Assumptions
- 6.4 Networks
- 6.5 Name Server
- 6.6 RAM Controller
- 7 Conclusions and Future Work
- References
- Software Implementations
- Software Implementation of Koblitz Curves over Quadratic Fields
- 1 Introduction
- 2 Koblitz Curves over F4
- 2.1 The τ-adic Representation
- 2.2 The Width-w NAF Form
- 2.3 Security of the Koblitz Curves Defined over F4
- 3 Base Field Arithmetic
- 3.1 Modular Reduction
- 3.2 Redundant Trinomials
- 4 Quadratic Field Arithmetic
- 4.1 Register Allocation
- 4.2 Multiplication
- 4.3 Modular Reduction
- 4.4 Squaring
- 4.5 Inversion
- 5 τ-and-add Scalar Multiplication
- 5.1 Left-to-right τ-and-add
- 5.2 Right-to-left τ-and-add
- 5.3 Linear Pass
- 6 Results and Discussion
- 6.1 Parameters
- 6.2 Field and Elliptic Curve Arithmetic Timings
- 6.3 Scalar Multiplication Timings
- 6.4 Comparisons
- 7 Conclusion
- References
- QcBits: Constant-Time Small-Key Code-Based Cryptography
- 1 Introduction
- 2 Preliminaries
- 2.1 QC-MDPC Codes
- 2.2 Decoding (QC-)MDPC Codes
- 2.3 The Hybrid Niederreiter Encryption System for QC-MDPC Codes
- 3 Key-Pair Generation
- 3.1 Private-Key Generation
- 3.2 Polynomial View: Public-Key Generation
- 3.3 Generic Multiplication in F2[x]/(x^r - 1)
- 3.4 Generic Squaring in F2[x]/(x^r - 1)
- 4 KEM Encryption
- 4.1 Generating the Error Vector
- 4.2 Polynomial View: Public-Syndrome Computation
- 4.3 Sparse-Times-Dense Multiplications in F2[x]/(x^r - 1)
- 5 KEM Decryption
- 5.1 Polynomial View: Private-Syndrome Computation
- 5.2 Polynomial View: Counting Unsatisfied Parity Checks
- 5.3 Sparse-Times-Dense Multiplications in Z[x]/(x^r - 1)
- 5.4 Flipping Bits
- 6 Experimental Results for Decoding
- 7 The Future of QC-MDPC-Based Cryptosystems
- References
- Kummer: Efficient Hyperelliptic Signatures and Key Exchange on Microcontrollers
- 1 Introduction
- 2 High-Level Overview
- 2.1 Signatures
- 2.2 Diffie-Hellman Key Exchange
- 3 Building Blocks: Algorithms and Their Implementation
- 3.1 The Field Fq
- 3.2 The Curve C and Its Theta Constants
- 3.3 Elements of J_C, Compressed and Decompressed
- 3.4 The Kummer Surface K_C
- 3.5 Pseudo-addition on K_C
- 4 Scalar Multiplication
- 4.1 Pseudomultiplication on K_C
- 4.2 Point Recovery from K_C to J_C
- 4.3 Full Scalar Multiplication on J_C
- 5 Results and Comparison
- References
- Cache Attacks
- Flush, Gauss, and Reload - A Cache Attack on the BLISS Lattice-Based Signature Scheme
- 1 Introduction
- 2 Preliminaries
- 3 Attack 1: CDT Sampling
- 4 Attack 2: Bernoulli Sampling
- 5 Results with a Perfect Side-Channel
- 6 Proof-of-Concept Implementation
- 7 Discussion of Candidate Countermeasures
- References
- CacheBleed: A Timing Attack on OpenSSL Constant Time RSA
- 1 Introduction
- 1.1 Overview
- 1.2 Our Contribution
- 1.3 Targeted Software and Hardware
- 2 Background
- 2.1 OpenSSL's RSA Implementation
- 2.2 The Intel Cache Hierarchy
- 2.3 Microarchitectural Side-Channel Attacks
- 2.4 Scatter-Gather Implementation
- 2.5 Intel L1 Cache Banks
- 3 The CacheBleed Attack
- 4 Attacking the OpenSSL Modular Exponentiation Implementation
- 5 Recovering the RSA Private Key
- 6 Mitigation
- 7 Conclusions
- References
- Cache Attacks Enable Bulk Key Recovery on the Cloud
- 1 Motivation
- 2 Related Work
- 3 Prime and Probe in the LLC
- 4 Co-locating on Amazon EC2
- 4.1 The LLC Co-location Method
- 4.2 Challenges and Tricks of Co-location Detection
- 5 Obtaining the Non-linear Slice Selection Algorithm
- 6 Cross-VM RSA Key Recovery
- 7 Leakage Analysis Method
- 8 Recovering RSA Keys with Noise
- 8.1 Targeted Co-location: The Public Key Is Known
- 8.2 Bulk Key Recovery: The Public Key Is Unknown
- 9 Countermeasures
- 10 Conclusion
- References
- Physical Unclonable Functions
- Strong Machine Learning Attack Against PUFs with No Mathematical Model
- 1 Introduction
- 2 Notation and Preliminaries
- 2.1 PUFs
- 2.2 Boolean Functions as representations of PUFs
- 2.3 Our Learning Model
- 2.4 Non-linearity of PUFs Over F2 and the Existence of Influential Bits
- 3 PUF Architectures
- 3.1 Memory-Based PUFs
- 3.2 Bistable Ring PUF
- 3.3 Twisted Bistable Ring PUF
- 4 PAC Learning of PUFs Without Prior Knowledge of Their Mathematical Model
- 4.1 A Constant Upper Bound on the Number of Influential Bits
- 4.2 Weak Learning and Boosting of BR-PUFs
- 5 Results
- 5.1 PUF Implementation
- 5.2 ML Results
- 6 Conclusion
- References
- Efficient Fuzzy Extraction of PUF-Induced Secrets: Theory and Applications
- 1 Introduction
- 1.1 Contribution
- 1.2 Organization
- 2 Preliminaries
- 2.1 Notation
- 2.2 Min-Entropy Definitions
- 2.3 Physically Unclonable Functions
- 2.4 Secure Sketch and Fuzzy Extractor Definitions
- 2.5 Coding Theory
- 2.6 The Code-Offset Secure Sketch
- 3 Tight Bounds on the Min-Entropy Loss
- 3.1 Distributions
- 3.2 Generic Bounds
- 3.3 Tighter Bounds
- 3.4 Numerical Results
- 4 Applications
- 4.1 A Fundamental Security Flaw in Reverse Fuzzy Extractors
- 4.2 Motivation for Debiasing Schemes
- 5 Conclusion
- References
- Run-Time Accessible DRAM PUFs in Commodity Devices
- 1 Introduction
- 1.1 Related Work on DRAM PUFs
- 1.2 Contributions
- 1.3 Paper Organization
- 2 Extracting DRAM PUFs from Commodity Devices
- 2.1 Decay-Based PUFs in DRAM
- 2.2 Run-Time DRAM PUF Access
- 2.3 Security Assumptions
- 3 Implementation and Performance
- 3.1 Firmware-Based PUF Access
- 3.2 Linux Kernel Module-Based PUF Access
- 4 Evaluation of DRAM PUF Characteristics
- 5 Lightweight Protocols for Device Authentication and Secure Channel Establishment
- 6 Open Research Topics
- 7 Conclusion
- References
- Side Channel Countermeasures II
- On the Multiplicative Complexity of Boolean Functions and Bitsliced Higher-Order Masking
- 1 Introduction
- 2 Preliminaries
- 2.1 Boolean Functions
- 2.2 Higher-Order Masking
- 2.3 Bitsliced Higher-Order Masking
- 3 Multiplicative Complexity of Boolean Functions
- 3.1 Multiplicative Complexity of S-Boxes
- 3.2 Our Results
- 3.3 Parallel Multiplicative Complexity
- 4 A Heuristic Decomposition for S-Boxes
- 4.1 Decomposition of a Single Boolean Function
- 4.2 S-Box Decomposition
- 4.3 Improvements
- 4.4 Parallelization
- 5 Implementations
- References
- Reducing the Number of Non-linear Multiplications in Masking Schemes
- 1 Introduction
- 1.1 Our Contribution
- 1.2 Related Works
- 2 Improved Generic Method for S-Boxes
- 2.1 Our Method
- 2.2 Concrete Parameters for Various S-Boxes
- 2.3 Software Implementation of DES
- 3 The Power of Using Bigger Fields and Its Limitations
- References
- Faster Evaluation of SBoxes via Common Shares
- 1 Introduction
- 2 Security Definitions
- 3 The Rivain-Prouff Countermeasure
- 3.1 The Rivain-Prouff Multiplication
- 3.2 Mask Refreshings
- 3.3 Application to the Computation of x^254 in F2^8
- 4 Secure Computation of 2 Parallel Multiplications with Common Operand, and Application to AES
- 4.1 The CommonShares Algorithm
- 4.2 The CommonMult Algorithm
- 4.3 Application to AES SBoxes
- 5 Parallel Multiplications with Common Shares
- 6 Parallel Computation of Quadratic Functions
- 7 Implementation
- References
- Hardware Implementations
- FourQ on FPGA: New Hardware Speed Records for Elliptic Curve Cryptography over Large Prime Characteristic Fields
- 1 Introduction
- 2 Preliminaries: FourQ
- 2.1 Scalar Multiplication Execution
- 2.2 High-Level Design of the Proposed Architecture
- 3 Field Arithmetic Unit
- 3.1 Datapath
- 3.2 Control Logic
- 4 Scalar Unit
- 4.1 Decompose Unit
- 4.2 Recode Unit
- 5 Architectures
- 5.1 Single-Core Architecture
- 5.2 Multi-core Architecture
- 5.3 Architecture Using the Montgomery Ladder
- 6 Results and Analysis
- 7 Conclusions
- References
- A High Throughput/Gate AES Hardware Architecture by Compressing Encryption and Decryption Datapaths
- 1 Introduction
- 2 Related Works
- 2.1 Unified AES Datapath for Encryption and Decryption
- 2.2 Inversion Circuit Design and Tower-Field Arithmetic
- 3 Proposed Architecture
- 3.1 Round Function Part
- 3.2 Key Scheduling Part
- 4 Performance Evaluation
- 5 Discussion
- 6 Conclusion
- References
- Efficient High-Speed WPA2 Brute Force Attacks Using Scalable Low-Cost FPGA Clustering
- 1 Introduction
- 2 Related Work
- 3 WPA2-Personal Handshake and Key Derivation
- 3.1 Breaking it Down to SHA1 Computations
- 3.2 Attacking the 4-Way Handshake
- 4 FPGA Implementation
- 4.1 Overall System Design
- 5 Evaluation
- 5.1 GPU Comparison
- 6 Results and Discussion
- 6.1 GPU Results and Comparison
- 7 Conclusion and Future Work
- References
- Fault Attacks
- ENCOUNTER: On Breaking the Nonce Barrier in Differential Fault Analysis with a Case-Study on PAEQ
- 1 Introduction
- 2 The Design of PAEQ
- 2.1 PPAE Mode of Operation
- 2.2 The Internal Permutation: AESQ
- 2.3 Handling Partially Specified States/Substates
- 3 Notations
- 4 Internal Differential Fault Analysis
- 5 An Internal Differential Distinguisher for 4-Round PAEQ
- 6 The Fault Quartet
- 7 ENCOUNTER: Fault Analysis of PAEQ using Internal Differentials
- 7.1 The Fault Model
- 7.2 The INBOUND Phase
- 7.3 The OUTBOUND Phase
- 7.4 The Complete Attack
- 7.5 Complexity Analysis
- 8 Experimental Results
- 9 Conclusion
- References
- Curious Case of Rowhammer: Flipping Secret Exponent Bits Using Timing Analysis
- 1 Introduction
- 2 Preliminaries
- 2.1 Dynamic Random Access Memory
- 2.2 The Rowhammer Bug
- 2.3 Cache Memory Architecture
- 3 Combining Timing Analysis and Rowhammer
- 3.1 Attack Model
- 3.2 Determining the Eviction Set
- 3.3 Determining the DRAM Bank that the Secret Maps
- 3.4 Performing Rowhammer in a Controlled Bank
- 4 Experimental Validation for Inducing Bit Flips on Secret
- 4.1 Identifying the Cache Set
- 4.2 Alternative Strategy to Determine the Target Cache Set
- 4.3 Identifying the LLC Slice
- 4.4 Identifying the DRAM Bank
- 4.5 Inducing Bit Flip Using Rowhammer
- 5 Possible Countermeasures
- 6 Further Discussion
- 6.1 Assumptions of the Proposed Attack
- 6.2 Limitations and Practicality of Our Attack
- 7 Conclusion
- References
- A Design Methodology for Stealthy Parametric Trojans and Its Application to Bug Attacks
- 1 Introduction
- 1.1 Related Work
- 1.2 Our Contribution
- 2 Overview of the Proposed Method
- 3 Delay Insertion
- 4 Finding a Trojan Path
- 4.1 Phase I: Rare Path Selection
- 4.2 Phase II: Delay Distribution
- 5 Experimental Results
- 5.1 Evaluation of Phase I (Path Selection)
- 5.2 Evaluation of Phase II (Delay Distribution)
- 5.3 Overall Evaluation
- 6 Bug Attack on ECDH with a Trojan Multiplier
- 6.1 Fault Model of the Trojan Multiplier
- 6.2 Case Study: An ECDH Implementation with Montgomery Ladder
- 7 Conclusion
- A Difficulty of Justification and Propagation Tables
- B Montgomery Ladder
- References
- Author Index
System requirements
File format: PDF
Copy protection: Watermark-DRM (Digital Rights Management)