TY - GEN
T1 - Chosen-IV correlation power analysis on KCipher-2 and a countermeasure
AU - Hibiki, Takafumi
AU - Homma, Naofumi
AU - Nakano, Yuto
AU - Fukushima, Kazuhide
AU - Kiyomoto, Shinsaku
AU - Miyake, Yutaka
AU - Aoki, Takafumi
N1 - Copyright:
Copyright 2021 Elsevier B.V., All rights reserved.
PY - 2013
Y1 - 2013
N2 - This paper presents a chosen-IV (Initial Vector) correlation power analysis on the international standard stream cipher KCipher-2 together with an effective countermeasure. First, we describe a power analysis technique which can reveal the secret key (initial key) of KCipher-2 and then evaluate the validity of the CPA with an experiment on an FPGA platform. This paper also proposes a countermeasure based on random masking techniques. The concept of the proposed countermeasure is to mask intermediate data which pass through the non-linear function part including integer addition, substitution functions, and internal registers L1 and L2. We design two types of masked integer adders and two types of masked substitution circuits in order to minimize circuit area and delay. The performance of the proposed method is evaluated through ASIC implementations on a 90-nm CMOS technology. In comparison to the design without a countermeasure, the circuit area and delay of the design with a countermeasure increase at most 1.5 and 2.6 times, respectively. The effectiveness of the countermeasure is also demonstrated through an experiment on the same FPGA platform.
AB - This paper presents a chosen-IV (Initial Vector) correlation power analysis on the international standard stream cipher KCipher-2 together with an effective countermeasure. First, we describe a power analysis technique which can reveal the secret key (initial key) of KCipher-2 and then evaluate the validity of the CPA with an experiment on an FPGA platform. This paper also proposes a countermeasure based on random masking techniques. The concept of the proposed countermeasure is to mask intermediate data which pass through the non-linear function part including integer addition, substitution functions, and internal registers L1 and L2. We design two types of masked integer adders and two types of masked substitution circuits in order to minimize circuit area and delay. The performance of the proposed method is evaluated through ASIC implementations on a 90-nm CMOS technology. In comparison to the design without a countermeasure, the circuit area and delay of the design with a countermeasure increase at most 1.5 and 2.6 times, respectively. The effectiveness of the countermeasure is also demonstrated through an experiment on the same FPGA platform.
UR - http://www.scopus.com/inward/record.url?scp=84881147774&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84881147774&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-40026-1_11
DO - 10.1007/978-3-642-40026-1_11
M3 - Conference contribution
AN - SCOPUS:84881147774
SN - 9783642400254
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 169
EP - 183
BT - Constructive Side-Channel Analysis and Secure Design - 4th International Workshop, COSADE 2013, Revised Selected Papers
PB - Springer Verlag
T2 - 4th Workshop on Constructive Side-Channel Analysis and Secure Design, COSADE 2013
Y2 - 6 March 2013 through 8 March 2013
ER -