Counting Keys in Parallel After a Side Channel Attack

Daniel Martin; Jonathan O'Connell; Elisabeth Oswald; Martijn Stam

doi:10.1007/978-3-662-48800-3_13

Counting Keys in Parallel After a Side Channel Attack

Daniel Martin, Jonathan O'Connell, Elisabeth Oswald, Martijn Stam

Research output: Chapter in Book/Report/Conference proceeding › Conference Contribution (Conference Proceeding)

51 Citations (Scopus)

Abstract

Side channels provide additional information to skilled adversaries that reduce the effort to determine an unknown key. If sufficient side channel information is available, identification of the secret key can even become trivial. However, if not enough side information is available, some effort is still required to find the key in the key space (which now has reduced entropy). To understand the security implications of side channel attacks it is then crucial to evaluate this remaining effort in a meaningful manner. Quantifying this effort can be done by looking at two key questions: first, how `deep' (at most) is the unknown key in the remaining key space, and second, how `expensive' is it to enumerate keys up to a certain depth?

We provide results for these two challenges. Firstly, we show how to construct an extremely efficient algorithm that accurately computes the rank of a (known) key in the list of all keys, when ordered according to some side channel attack scores. Secondly, we show how our approach can be tweaked such that it can be also utilised to enumerate the most likely keys in a parallel fashion. We are hence the first to demonstrate that a smart and parallel key enumeration algorithm exists.

Original language	English
Title of host publication	Advances in Cryptology - ASIACRYPT 2015
Subtitle of host publication	21st International Conference on the Theory and Application of Cryptology and Information Security, Auckland, New Zealand, November 29 -- December 3, 2015, Proceedings, Part II
Editors	Tetsu Iwata, Jung Hee Cheon
Publisher	Springer
Pages	313-337
Number of pages	25
Volume	9453
ISBN (Electronic)	9783662488003
ISBN (Print)	9783662487990
DOIs	https://doi.org/10.1007/978-3-662-48800-3_13
Publication status	Published - 30 Dec 2015

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer

Access to Document

10.1007/978-3-662-48800-3_13

https://eprint.iacr.org/2015/689

Handle.net

Persistent link

Cite this

Martin, D., O'Connell, J., Oswald, E., & Stam, M. (2015). Counting Keys in Parallel After a Side Channel Attack. In T. Iwata, & J. H. Cheon (Eds.), Advances in Cryptology - ASIACRYPT 2015: 21st International Conference on the Theory and Application of Cryptology and Information Security, Auckland, New Zealand, November 29 -- December 3, 2015, Proceedings, Part II (Vol. 9453, pp. 313-337). (Lecture Notes in Computer Science). Springer. https://doi.org/10.1007/978-3-662-48800-3_13

Martin, Daniel ; O'Connell, Jonathan ; Oswald, Elisabeth et al. / Counting Keys in Parallel After a Side Channel Attack. Advances in Cryptology - ASIACRYPT 2015: 21st International Conference on the Theory and Application of Cryptology and Information Security, Auckland, New Zealand, November 29 -- December 3, 2015, Proceedings, Part II. editor / Tetsu Iwata ; Jung Hee Cheon. Vol. 9453 Springer, 2015. pp. 313-337 (Lecture Notes in Computer Science).

@inproceedings{cdaa61d2e25a42c3acfad93dca7f92c0,

title = "Counting Keys in Parallel After a Side Channel Attack",

abstract = "Side channels provide additional information to skilled adversaries that reduce the effort to determine an unknown key. If sufficient side channel information is available, identification of the secret key can even become trivial. However, if not enough side information is available, some effort is still required to find the key in the key space (which now has reduced entropy). To understand the security implications of side channel attacks it is then crucial to evaluate this remaining effort in a meaningful manner. Quantifying this effort can be done by looking at two key questions: first, how `deep' (at most) is the unknown key in the remaining key space, and second, how `expensive' is it to enumerate keys up to a certain depth?We provide results for these two challenges. Firstly, we show how to construct an extremely efficient algorithm that accurately computes the rank of a (known) key in the list of all keys, when ordered according to some side channel attack scores. Secondly, we show how our approach can be tweaked such that it can be also utilised to enumerate the most likely keys in a parallel fashion. We are hence the first to demonstrate that a smart and parallel key enumeration algorithm exists.",

author = "Daniel Martin and Jonathan O'Connell and Elisabeth Oswald and Martijn Stam",

year = "2015",

month = dec,

day = "30",

doi = "10.1007/978-3-662-48800-3_13",

language = "English",

isbn = "9783662487990",

volume = "9453",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "313--337",

editor = "Tetsu Iwata and Cheon, {Jung Hee}",

booktitle = "Advances in Cryptology - ASIACRYPT 2015",

}

Martin, D, O'Connell, J, Oswald, E & Stam, M 2015, Counting Keys in Parallel After a Side Channel Attack. in T Iwata & JH Cheon (eds), Advances in Cryptology - ASIACRYPT 2015: 21st International Conference on the Theory and Application of Cryptology and Information Security, Auckland, New Zealand, November 29 -- December 3, 2015, Proceedings, Part II. vol. 9453, Lecture Notes in Computer Science, Springer, pp. 313-337. https://doi.org/10.1007/978-3-662-48800-3_13

Counting Keys in Parallel After a Side Channel Attack. / Martin, Daniel; O'Connell, Jonathan; Oswald, Elisabeth et al.
Advances in Cryptology - ASIACRYPT 2015: 21st International Conference on the Theory and Application of Cryptology and Information Security, Auckland, New Zealand, November 29 -- December 3, 2015, Proceedings, Part II. ed. / Tetsu Iwata; Jung Hee Cheon. Vol. 9453 Springer, 2015. p. 313-337 (Lecture Notes in Computer Science).

Research output: Chapter in Book/Report/Conference proceeding › Conference Contribution (Conference Proceeding)

TY - GEN

T1 - Counting Keys in Parallel After a Side Channel Attack

AU - Martin, Daniel

AU - O'Connell, Jonathan

AU - Oswald, Elisabeth

AU - Stam, Martijn

PY - 2015/12/30

Y1 - 2015/12/30

N2 - Side channels provide additional information to skilled adversaries that reduce the effort to determine an unknown key. If sufficient side channel information is available, identification of the secret key can even become trivial. However, if not enough side information is available, some effort is still required to find the key in the key space (which now has reduced entropy). To understand the security implications of side channel attacks it is then crucial to evaluate this remaining effort in a meaningful manner. Quantifying this effort can be done by looking at two key questions: first, how `deep' (at most) is the unknown key in the remaining key space, and second, how `expensive' is it to enumerate keys up to a certain depth?We provide results for these two challenges. Firstly, we show how to construct an extremely efficient algorithm that accurately computes the rank of a (known) key in the list of all keys, when ordered according to some side channel attack scores. Secondly, we show how our approach can be tweaked such that it can be also utilised to enumerate the most likely keys in a parallel fashion. We are hence the first to demonstrate that a smart and parallel key enumeration algorithm exists.

AB - Side channels provide additional information to skilled adversaries that reduce the effort to determine an unknown key. If sufficient side channel information is available, identification of the secret key can even become trivial. However, if not enough side information is available, some effort is still required to find the key in the key space (which now has reduced entropy). To understand the security implications of side channel attacks it is then crucial to evaluate this remaining effort in a meaningful manner. Quantifying this effort can be done by looking at two key questions: first, how `deep' (at most) is the unknown key in the remaining key space, and second, how `expensive' is it to enumerate keys up to a certain depth?We provide results for these two challenges. Firstly, we show how to construct an extremely efficient algorithm that accurately computes the rank of a (known) key in the list of all keys, when ordered according to some side channel attack scores. Secondly, we show how our approach can be tweaked such that it can be also utilised to enumerate the most likely keys in a parallel fashion. We are hence the first to demonstrate that a smart and parallel key enumeration algorithm exists.

UR - http://silent.cs.bris.ac.uk/?page_id=14

U2 - 10.1007/978-3-662-48800-3_13

DO - 10.1007/978-3-662-48800-3_13

M3 - Conference Contribution (Conference Proceeding)

SN - 9783662487990

VL - 9453

T3 - Lecture Notes in Computer Science

SP - 313

EP - 337

BT - Advances in Cryptology - ASIACRYPT 2015

A2 - Iwata, Tetsu

A2 - Cheon, Jung Hee

PB - Springer

ER -

Martin D, O'Connell J, Oswald E, Stam M. Counting Keys in Parallel After a Side Channel Attack. In Iwata T, Cheon JH, editors, Advances in Cryptology - ASIACRYPT 2015: 21st International Conference on the Theory and Application of Cryptology and Information Security, Auckland, New Zealand, November 29 -- December 3, 2015, Proceedings, Part II. Vol. 9453. Springer. 2015. p. 313-337. (Lecture Notes in Computer Science). doi: 10.1007/978-3-662-48800-3_13

Counting Keys in Parallel After a Side Channel Attack

Abstract

Publication series

Access to Document

Handle.net

Other files and links

Fingerprint

SILENT: Rework of Side channels-theory and implications for society

HPC (High Performance Computing) and HTC (High Throughput Computing) Facilities

Cite this

Counting Keys in Parallel After a Side Channel Attack

Abstract

Publication series

Access to Document

Handle.net

Other files and links

Fingerprint

Projects

SILENT: Rework of Side channels-theory and implications for society

Equipment

HPC (High Performance Computing) and HTC (High Throughput Computing) Facilities

Cite this