All-or-Nothing Transforms as a countermeasure to differential side-channel analysis

Robert P. McEvoy; Mike Tunstall; Claire Whelan; Colin C. Murphy; William P. Marnane

doi:10.1007/s10207-013-0212-y

All-or-Nothing Transforms as a countermeasure to differential side-channel analysis

Robert P. McEvoy, Mike Tunstall, Claire Whelan, Colin C. Murphy, William P. Marnane

Research output: Contribution to journal › Article (Academic Journal) › peer-review

5 Citations (Scopus)

Abstract

Side-channel attacks on hardware implementations of cryptographic algorithms have recently been the focus of much attention in the research community. Differential power analysis (DPA) has been shown to be particularly effective at retrieving secret information stored within an implementation. The design of DPA-resistant systems that are efficient in terms of speed and area poses a significant challenge. All-or-Nothing Transforms are cryptographic transforms, which are currently employed in numerous applications. We examine All-or-Nothing Encryption systems from the DPA perspective. This paper shows that All-or-Nothing cryptosystems, whilst not preventing side-channel leakage, do fundamentally inhibit DPA attacks. Furthermore, we develop extensions to the All-or-Nothing protocol to strengthen the DPA resistance of the cryptosystem, providing a practical alternative to masking countermeasures for symmetric ciphers.

Original language	English
Pages (from-to)	291-304
Number of pages	14
Journal	International Journal of Information Security
Volume	13
Issue number	3
DOIs	https://doi.org/10.1007/s10207-013-0212-y
Publication status	Published - Jun 2014

Keywords

Side-channel attacks
DPA
All-or-Nothing Transforms
POWER ANALYSIS ATTACKS
SECURITY

Access to Document

10.1007/s10207-013-0212-y

1 Finished

SILENT: Rework of Side channels-theory and implications for society
Oswald, M. E.
1/01/11 → 1/04/16
Project: Research

Cite this

@article{dc785666981042d49197f3a1cefe0d36,

title = "All-or-Nothing Transforms as a countermeasure to differential side-channel analysis",

abstract = "Side-channel attacks on hardware implementations of cryptographic algorithms have recently been the focus of much attention in the research community. Differential power analysis (DPA) has been shown to be particularly effective at retrieving secret information stored within an implementation. The design of DPA-resistant systems that are efficient in terms of speed and area poses a significant challenge. All-or-Nothing Transforms are cryptographic transforms, which are currently employed in numerous applications. We examine All-or-Nothing Encryption systems from the DPA perspective. This paper shows that All-or-Nothing cryptosystems, whilst not preventing side-channel leakage, do fundamentally inhibit DPA attacks. Furthermore, we develop extensions to the All-or-Nothing protocol to strengthen the DPA resistance of the cryptosystem, providing a practical alternative to masking countermeasures for symmetric ciphers.",

keywords = "Side-channel attacks, DPA, All-or-Nothing Transforms, POWER ANALYSIS ATTACKS, SECURITY",

author = "McEvoy, {Robert P.} and Mike Tunstall and Claire Whelan and Murphy, {Colin C.} and Marnane, {William P.}",

year = "2014",

month = jun,

doi = "10.1007/s10207-013-0212-y",

language = "English",

volume = "13",

pages = "291--304",

journal = "International Journal of Information Security",

issn = "1615-5262",

publisher = "Springer Verlag",

number = "3",

}

TY - JOUR

T1 - All-or-Nothing Transforms as a countermeasure to differential side-channel analysis

AU - McEvoy, Robert P.

AU - Tunstall, Mike

AU - Whelan, Claire

AU - Murphy, Colin C.

AU - Marnane, William P.

PY - 2014/6

Y1 - 2014/6

N2 - Side-channel attacks on hardware implementations of cryptographic algorithms have recently been the focus of much attention in the research community. Differential power analysis (DPA) has been shown to be particularly effective at retrieving secret information stored within an implementation. The design of DPA-resistant systems that are efficient in terms of speed and area poses a significant challenge. All-or-Nothing Transforms are cryptographic transforms, which are currently employed in numerous applications. We examine All-or-Nothing Encryption systems from the DPA perspective. This paper shows that All-or-Nothing cryptosystems, whilst not preventing side-channel leakage, do fundamentally inhibit DPA attacks. Furthermore, we develop extensions to the All-or-Nothing protocol to strengthen the DPA resistance of the cryptosystem, providing a practical alternative to masking countermeasures for symmetric ciphers.

AB - Side-channel attacks on hardware implementations of cryptographic algorithms have recently been the focus of much attention in the research community. Differential power analysis (DPA) has been shown to be particularly effective at retrieving secret information stored within an implementation. The design of DPA-resistant systems that are efficient in terms of speed and area poses a significant challenge. All-or-Nothing Transforms are cryptographic transforms, which are currently employed in numerous applications. We examine All-or-Nothing Encryption systems from the DPA perspective. This paper shows that All-or-Nothing cryptosystems, whilst not preventing side-channel leakage, do fundamentally inhibit DPA attacks. Furthermore, we develop extensions to the All-or-Nothing protocol to strengthen the DPA resistance of the cryptosystem, providing a practical alternative to masking countermeasures for symmetric ciphers.

KW - Side-channel attacks

KW - DPA

KW - All-or-Nothing Transforms

KW - POWER ANALYSIS ATTACKS

KW - SECURITY

U2 - 10.1007/s10207-013-0212-y

DO - 10.1007/s10207-013-0212-y

M3 - Article (Academic Journal)

VL - 13

SP - 291

EP - 304

JO - International Journal of Information Security

JF - International Journal of Information Security

SN - 1615-5262

IS - 3

ER -

All-or-Nothing Transforms as a countermeasure to differential side-channel analysis

Abstract

Keywords

Access to Document

SILENT: Rework of Side channels-theory and implications for society

Cite this