Side-Channel Analysis of Multiplications in GF$(2^{128})$: Application to AES-GCM

Sonia Belaid (1, 2), Benoît Gérard (3), Pierre-Alain Fouque (4, 5)

2: CASCADE - Construction and Analysis of Systems for Confidentiality and Authenticity of Data and Entities, DI-ENS - Département d'informatique de l'École normale supérieure, Inria Paris-Rocquencourt, CNRS - Centre National de la Recherche Scientifique: UMR 8548
4: CIDRE - Confidentialité, Intégrité, Disponibilité et Répartition, CentraleSupélec, Inria Rennes - Bretagne Atlantique, IRISA-D1 - SYSTÈMES LARGE ÉCHELLE
Abstract: In this paper, we study the side-channel security of the field multiplication in GF(2^n). We particularly focus on the GF(2^128) multiplication used in the authentication part of AES-GCM, but the proposed attack also applies to other binary extension fields. In a hardware implementation using a 128-bit multiplier, the full 128-bit secret is manipulated at once. In this context, classical DPA attacks based on the divide-and-conquer strategy cannot be applied. In this work, the algebraic structure of the multiplication is leveraged to recover bits of information about the secret multiplicand without having to perform any key guess. To do so, the leakage corresponding to the writing of the multiplication output into a register is considered. It is assumed to follow a Hamming weight/distance leakage model. Under these particular, yet easily met, assumptions we exhibit a nice connection between the key-recovery problem and some classical coding and Learning Parities with Noise problems with certain instance parameters. In our case, the noise is very high, but the length of the secret is rather short. In this work we investigate different solving techniques corresponding to different attacker models and eventually refine the attack when considering particular implementations of the multiplication.
Document type: Conference paper
Asiacrypt 2014, Dec 2014, Kaohsiung, Taiwan. Springer, 8874, 2014, Lecture Notes in Computer Science. 〈10.1007/978-3-662-45608-8_17〉

https://hal.inria.fr/hal-01093865
Contributor: Sonia Belaid
Submitted on: Thursday 11 December 2014 - 11:40:19
Last modified on: Tuesday 16 January 2018 - 15:54:19

Identifiers

Citation

Sonia Belaid, Benoît Gérard, Pierre-Alain Fouque. Side-Channel Analysis of Multiplications in GF$(2^{128})$: Application to AES-GCM. Asiacrypt 2014, Dec 2014, Kaohsiung, Taiwan. Springer, 8874, 2014, Lecture Notes in Computer Science. 〈10.1007/978-3-662-45608-8_17〉. 〈hal-01093865〉


Metrics

Record views: 377