Hardware Implementation and Side-Channel Analysis of Lapin

Abstract : Lapin is a new authentication protocol that has been de- signed for low-cost implementations. In a work from RFIDsec 2012, Berstein and Lange argued that at similar (mathematical) security lev- els, Lapin's performances are below the ones of block cipher based au- thentication. In this paper, we suggest that as soon as physical security (e.g. against side-channel attacks) is taken into account, this criticism can be mitigated. For this purpose, we start by investigating masked hardware implementations of Lapin, and discuss the gains obtained over software ones. Next, we observe that the structure of our implementa- tions significantly differs from block cipher ones (for which most results in side-channel analysis apply), hence raising questions regarding how to evaluate physical security in this case. We then provide first results of side-channel analyzes against unprotected and masked Lapin. Despite interesting properties of the masked implementations, our conclusions are still contrasted because of the on-chip randomness requirements of Lapin protocol. These results give strong incentive to design similar but deterministic protocols, e.g. based on the recently introduced Learning With Rounding assumption.
Document type :
Conference papers
Complete list of metadatas

Cited literature [18 references]  Display  Hide  Download

https://hal.inria.fr/hal-00934054
Contributor : Gaëtan Leurent <>
Submitted on : Tuesday, January 21, 2014 - 3:10:21 PM
Last modification on : Friday, May 25, 2018 - 12:02:05 PM
Long-term archiving on: Tuesday, April 22, 2014 - 1:16:18 PM

File

lapin2.pdf
Files produced by the author(s)

Identifiers

Collections

Citation

Lubos Gaspar, Gaëtan Leurent, François-Xavier Standaert. Hardware Implementation and Side-Channel Analysis of Lapin. Topics in Cryptology - CT-RSA 2014, Feb 2014, San Francisco, United States. pp.206-226, ⟨10.1007/978-3-319-04852-9_11⟩. ⟨hal-00934054⟩

Share

Metrics

Record views

458

Files downloads

443