CAPA: The Spirit of Beaver Against Physical Attacks

Oscar Reparaz; Lauren De Meyer; Begul Bilgin; Victor Arribas; Svetla Nikova; Ventzislav Nikov; Nigel Smart

doi:10.1007/978-3-319-96884-1_5

CAPA: The Spirit of Beaver Against Physical Attacks

Oscar Reparaz, Lauren De Meyer, Begul Bilgin, Victor Arribas, Svetla Nikova, Ventzislav Nikov, Nigel Smart

Research output: Chapter in Book/Report/Conference proceeding › Conference Contribution (Conference Proceeding)

21 Citations (Scopus)

Abstract

In this paper we introduce two things: On one hand we introduce the Tile-Probe-and-Fault model, a model generalising the wire-probe model of Ishai et al. extending it to cover both more realistic side-channel leakage scenarios on a chip and also to cover fault and combined attacks. Secondly we introduce CAPA: a combined Countermeasure Against Physical Attacks. Our countermeasure is motivated by our model, and aims to provide security against higher-order SCA, multiple-shot FA and combined attacks. The tile-probe-and-fault model leads one to naturally look (by analogy) at actively secure multi-party computation protocols. Indeed, CAPA draws much inspiration from the MPC protocol SPDZ. So as to demonstrate that the model, and the CAPA countermeasure, are not just theoretical constructions, but could also serve to build practical countermeasures, we present initial experiments of proof-of-concept designs using the CAPA methodology. Namely, a hardware implementation of the KATAN and AES block ciphers, as well as a software bitsliced AES S-box implementation. We demonstrate experimentally that the design can resist second-order DPA attacks, even when the attacker is presented with many hundreds of thousands of traces. In addition our proof-of-concept can also detect faults within our model with high probability in accordance to the methodology.

Original language	English
Title of host publication	Advanced in Cryptology - CRYPTO 2018
Subtitle of host publication	38th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 19–23, 2018, Proceedings, Part II
Publisher	Springer, Cham
Pages	121-151
Number of pages	31
ISBN (Electronic)	9783319968810
ISBN (Print)	9783319968803
DOIs	https://doi.org/10.1007/978-3-319-96884-1_5
Publication status	Published - Sept 2018

Publication series

Name	Lecture Notes in Computer Science
Volume	10991
ISSN (Print)	0302-9743

Access to Document

10.1007/978-3-319-96884-1_5

https://eprint.iacr.org/2017/1195Licence: CC BY

Handle.net

Persistent link

Embargoed Document

Full-text PDF (accepted author manuscript)
Accepted author manuscript, 4.22 MB
Request copy

TIPS Fellowship
Smart, N. P.
1/10/16 → 30/09/21
Project: Research
UK-Israel MPC
Smart, N. P.
1/08/15 → 31/12/17
Project: Research

Cite this

Reparaz, O., De Meyer, L., Bilgin, B., Arribas, V., Nikova, S., Nikov, V., & Smart, N. (2018). CAPA: The Spirit of Beaver Against Physical Attacks. In Advanced in Cryptology - CRYPTO 2018: 38th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 19–23, 2018, Proceedings, Part II (pp. 121-151). (Lecture Notes in Computer Science; Vol. 10991). Springer, Cham. https://doi.org/10.1007/978-3-319-96884-1_5

@inproceedings{8b2a2de6dccc48a8ae08b640bb6cb2d6,

title = "CAPA: The Spirit of Beaver Against Physical Attacks",

abstract = "In this paper we introduce two things: On one hand we introduce the Tile-Probe-and-Fault model, a model generalising the wire-probe model of Ishai et al. extending it to cover both more realistic side-channel leakage scenarios on a chip and also to cover fault and combined attacks. Secondly we introduce CAPA: a combined Countermeasure Against Physical Attacks. Our countermeasure is motivated by our model, and aims to provide security against higher-order SCA, multiple-shot FA and combined attacks. The tile-probe-and-fault model leads one to naturally look (by analogy) at actively secure multi-party computation protocols. Indeed, CAPA draws much inspiration from the MPC protocol SPDZ. So as to demonstrate that the model, and the CAPA countermeasure, are not just theoretical constructions, but could also serve to build practical countermeasures, we present initial experiments of proof-of-concept designs using the CAPA methodology. Namely, a hardware implementation of the KATAN and AES block ciphers, as well as a software bitsliced AES S-box implementation. We demonstrate experimentally that the design can resist second-order DPA attacks, even when the attacker is presented with many hundreds of thousands of traces. In addition our proof-of-concept can also detect faults within our model with high probability in accordance to the methodology.",

author = "Oscar Reparaz and {De Meyer}, Lauren and Begul Bilgin and Victor Arribas and Svetla Nikova and Ventzislav Nikov and Nigel Smart",

year = "2018",

month = sep,

doi = "10.1007/978-3-319-96884-1_5",

language = "English",

isbn = "9783319968803",

series = "Lecture Notes in Computer Science",

publisher = "Springer, Cham",

pages = "121--151",

booktitle = "Advanced in Cryptology - CRYPTO 2018",

address = "Switzerland",

}

Reparaz, O, De Meyer, L, Bilgin, B, Arribas, V, Nikova, S, Nikov, V & Smart, N 2018, CAPA: The Spirit of Beaver Against Physical Attacks. in Advanced in Cryptology - CRYPTO 2018: 38th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 19–23, 2018, Proceedings, Part II. Lecture Notes in Computer Science, vol. 10991, Springer, Cham, pp. 121-151. https://doi.org/10.1007/978-3-319-96884-1_5

CAPA: The Spirit of Beaver Against Physical Attacks. / Reparaz, Oscar; De Meyer, Lauren; Bilgin, Begul et al.
Advanced in Cryptology - CRYPTO 2018: 38th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 19–23, 2018, Proceedings, Part II. Springer, Cham, 2018. p. 121-151 (Lecture Notes in Computer Science; Vol. 10991).

Research output: Chapter in Book/Report/Conference proceeding › Conference Contribution (Conference Proceeding)

TY - GEN

T1 - CAPA

T2 - The Spirit of Beaver Against Physical Attacks

AU - Reparaz, Oscar

AU - De Meyer, Lauren

AU - Bilgin, Begul

AU - Arribas, Victor

AU - Nikova, Svetla

AU - Nikov, Ventzislav

AU - Smart, Nigel

PY - 2018/9

Y1 - 2018/9

N2 - In this paper we introduce two things: On one hand we introduce the Tile-Probe-and-Fault model, a model generalising the wire-probe model of Ishai et al. extending it to cover both more realistic side-channel leakage scenarios on a chip and also to cover fault and combined attacks. Secondly we introduce CAPA: a combined Countermeasure Against Physical Attacks. Our countermeasure is motivated by our model, and aims to provide security against higher-order SCA, multiple-shot FA and combined attacks. The tile-probe-and-fault model leads one to naturally look (by analogy) at actively secure multi-party computation protocols. Indeed, CAPA draws much inspiration from the MPC protocol SPDZ. So as to demonstrate that the model, and the CAPA countermeasure, are not just theoretical constructions, but could also serve to build practical countermeasures, we present initial experiments of proof-of-concept designs using the CAPA methodology. Namely, a hardware implementation of the KATAN and AES block ciphers, as well as a software bitsliced AES S-box implementation. We demonstrate experimentally that the design can resist second-order DPA attacks, even when the attacker is presented with many hundreds of thousands of traces. In addition our proof-of-concept can also detect faults within our model with high probability in accordance to the methodology.

AB - In this paper we introduce two things: On one hand we introduce the Tile-Probe-and-Fault model, a model generalising the wire-probe model of Ishai et al. extending it to cover both more realistic side-channel leakage scenarios on a chip and also to cover fault and combined attacks. Secondly we introduce CAPA: a combined Countermeasure Against Physical Attacks. Our countermeasure is motivated by our model, and aims to provide security against higher-order SCA, multiple-shot FA and combined attacks. The tile-probe-and-fault model leads one to naturally look (by analogy) at actively secure multi-party computation protocols. Indeed, CAPA draws much inspiration from the MPC protocol SPDZ. So as to demonstrate that the model, and the CAPA countermeasure, are not just theoretical constructions, but could also serve to build practical countermeasures, we present initial experiments of proof-of-concept designs using the CAPA methodology. Namely, a hardware implementation of the KATAN and AES block ciphers, as well as a software bitsliced AES S-box implementation. We demonstrate experimentally that the design can resist second-order DPA attacks, even when the attacker is presented with many hundreds of thousands of traces. In addition our proof-of-concept can also detect faults within our model with high probability in accordance to the methodology.

U2 - 10.1007/978-3-319-96884-1_5

DO - 10.1007/978-3-319-96884-1_5

M3 - Conference Contribution (Conference Proceeding)

SN - 9783319968803

T3 - Lecture Notes in Computer Science

SP - 121

EP - 151

BT - Advanced in Cryptology - CRYPTO 2018

PB - Springer, Cham

ER -

Reparaz O, De Meyer L, Bilgin B, Arribas V, Nikova S, Nikov V et al. CAPA: The Spirit of Beaver Against Physical Attacks. In Advanced in Cryptology - CRYPTO 2018: 38th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 19–23, 2018, Proceedings, Part II. Springer, Cham. 2018. p. 121-151. (Lecture Notes in Computer Science). Epub 2018 Aug 29. doi: 10.1007/978-3-319-96884-1_5

CAPA: The Spirit of Beaver Against Physical Attacks

Abstract

Publication series

Access to Document

Handle.net

Embargoed Document

Fingerprint

Projects

TIPS Fellowship

UK-Israel MPC

Cite this