AES side channel attack protection using random isomorphisms
Authors
Abstract
A general method of protection against side-channel attacks, based on random cipher isomorphisms, is presented. Isomorphic ciphers produce the same output for the same input, so the isomorphism in use can be changed independently at the transmitting and receiving sides. Two methods of protecting RIJNDAEL are considered. The first is based on random commutative isomorphisms of the underlying structure. The set of isomorphisms of the field GF(2^8) splits into 30 subsets, each containing 8 commuting elements given by Galois group elements. This increases the strength against side channel attacks about 32 times, while the encryption rate decreases only slightly; the method has comparatively low efficiency. The second method is based on affine isomorphisms of the cipher byte, σ(x) = Lx + a, and allows side-channel attacks to be eliminated in practice. Its rate is approximately the same as in the first case. The most convenient affine isomorphisms are involutions; a method of generating such affine isomorphisms is presented.

1. Side channel attacks and random isomorphisms

An information system is secure if it can resist the attacks of an adversary. The set of possible attacks is determined by the adversary model, that is, the set of the adversary's capabilities. Adversary models can be ordered as sets: model A is larger than model B if the set of capabilities of B is a subset of the capabilities of A. The larger the adversary model, the larger the set of possible attacks. The ordering of adversary models induces a dual ordering on the set of secure systems. Each information system is characterized by the maximal adversary model under which it remains secure, and each adversary model induces a minimal set of protection mechanisms that provides security of the information system. For example, if the adversary model is empty, all information systems are secure; if the adversary possesses extrasensory capabilities and can guess all secrets, there are no secure systems.
Traditional cryptanalytic attacks use mathematical, computational and cryptanalytic capabilities. But the adversary can also use laboratory capabilities. Such an attack was mounted by an intelligence service against French encryption apparatus about 50 years ago [1]. The adversary can detect and recognize signals of different nature that appear while a cryptographic device processes secret information (intermediate texts during encryption). Side channel attacks include attacks based on timing analysis, analysis of instantaneous power consumption, and electromagnetic and acoustic emanations that carry information about the secret key [2, 3]. Side channel attacks are often more effective than the well-known differential [4] or linear [5] attacks. For instance, such an attack allows easy computation of the secret key of mobile …
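The abstract's second method, a random affine byte isomorphism σ(x) = Lx + a chosen to be an involution, can be made concrete with the following added example. It is not code from the paper: the way the involution is generated here (L = P D P^-1 with D a product of disjoint bit swaps, and a taken from the image of L + I so that La = a) is a standard construction assumed for illustration, not the authors' generation method. The script builds the isomorphic S-box, xtime and key-addition tables S' = σ∘S∘σ, xtime' = σ∘xtime∘σ and u ⊕' v = u ⊕ v ⊕ a, runs one SubBytes/MixColumns/AddRoundKey step on a single column both in the clear and on σ-transformed data, and checks that the two agree after unmasking, so every intermediate byte differs while the output is the same. The column and key bytes are constructed sample values.

```python
"""Random involutive affine byte isomorphism sigma(x) = L x ^ a for an AES-like round.
Added example, not the paper's code: L = P D P^-1 (D = disjoint bit swaps) and
a = (L + I) r is an assumed construction, not the authors' generation method."""
import random

# ---- GF(2^8) with the AES polynomial x^8 + x^4 + x^3 + x + 1 --------------
def gf_mul(a: int, b: int) -> int:
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = (a << 1) ^ (0x11B if a & 0x80 else 0)
        b >>= 1
    return r

def gf_inv(a: int) -> int:
    r = 1
    for _ in range(254):          # a^254 = a^-1 in GF(2^8); 0 maps to 0
        r = gf_mul(r, a)
    return r if a else 0

def aes_sbox(x: int) -> int:
    """S(x) = A(x^-1) ^ 0x63 with A the circulant GF(2) matrix of FIPS-197."""
    y = gf_inv(x)
    s = y
    for _ in range(4):            # x^-1 xor its rotations by 1..4 bits
        y = ((y << 1) | (y >> 7)) & 0xFF
        s ^= y
    return s ^ 0x63

SBOX = [aes_sbox(x) for x in range(256)]
XTIME = [gf_mul(x, 2) for x in range(256)]    # the "02" multiply of MixColumns

# ---- 8x8 matrices over GF(2): list of 8 row ints, bit c of row r = M[r][c] --
IDENT = [1 << r for r in range(8)]

def m_apply(M, x):
    return sum(1 << r for r, row in enumerate(M) if bin(row & x).count("1") & 1)

def m_mul(A, B):
    out = []
    for row in A:
        acc = 0
        for k in range(8):
            if row >> k & 1:
                acc ^= B[k]
        out.append(acc)
    return out

def m_inv(M):
    """Gauss-Jordan on [M | I]; returns None when M is singular."""
    aug = [M[r] | (1 << (r + 8)) for r in range(8)]
    for c in range(8):
        p = next((r for r in range(c, 8) if aug[r] >> c & 1), None)
        if p is None:
            return None
        aug[c], aug[p] = aug[p], aug[c]
        for r in range(8):
            if r != c and aug[r] >> c & 1:
                aug[r] ^= aug[c]
    return [row >> 8 for row in aug]

def random_involutive_affine(rng):
    """Return (L, a) with L*L = I and L a = a, so sigma(x) = L x ^ a is an involution."""
    while True:                   # random invertible change of basis P
        P = [rng.randrange(256) for _ in range(8)]
        P_inv = m_inv(P)
        if P_inv is not None:
            break
    D = list(IDENT)
    for j in range(rng.randrange(1, 5)):      # D swaps 1..4 disjoint bit pairs, D*D = I
        D[2 * j], D[2 * j + 1] = IDENT[2 * j + 1], IDENT[2 * j]
    L = m_mul(m_mul(P, D), P_inv)
    L_plus_I = [L[r] ^ IDENT[r] for r in range(8)]
    a = 0
    while a == 0:                 # a = (L+I) r lies in ker(L+I) because (L+I)^2 = 0
        a = m_apply(L_plus_I, rng.randrange(256))
    return L, a

class DualByteCipher:
    """Tables of the isomorphic cipher: S' = sigma o S o sigma, xtime' likewise, xor' = xor ^ a."""
    def __init__(self, seed=None):
        self.L, self.a = random_involutive_affine(random.Random(seed))
        self.sbox = [self.sigma(SBOX[self.sigma(y)]) for y in range(256)]
        self.xtime = [self.sigma(XTIME[self.sigma(y)]) for y in range(256)]

    def sigma(self, x):
        return m_apply(self.L, x) ^ self.a

    def xor(self, u, v):          # sigma(x) ^ sigma(k) ^ a == sigma(x ^ k)
        return u ^ v ^ self.a

def round_column(col, key, sbox, xtime, xor):
    """SubBytes, MixColumns and AddRoundKey on one 4-byte column, in the given domain."""
    s = [sbox[b] for b in col]
    mixed = []
    for i in range(4):            # row i of MixColumns: 2*c0 ^ 3*c1 ^ c2 ^ c3, rotated
        c0, c1, c2, c3 = (s[(i + j) % 4] for j in range(4))
        mixed.append(xor(xor(xor(xtime[c0], xor(xtime[c1], c1)), c2), c3))
    return [xor(m, k) for m, k in zip(mixed, key)]

def demo(seed=2005):
    """One round in the clear and in a random isomorphic cipher: (plain, masked, unmasked)."""
    col, key = [0x32, 0x88, 0x31, 0xE0], [0x2B, 0x7E, 0x15, 0x16]   # constructed sample bytes
    dc = DualByteCipher(seed)
    plain = round_column(col, key, SBOX, XTIME, lambda u, v: u ^ v)
    masked = round_column([dc.sigma(b) for b in col], [dc.sigma(k) for k in key],
                          dc.sbox, dc.xtime, dc.xor)
    return plain, masked, [dc.sigma(b) for b in masked]

if __name__ == "__main__":
    plain, masked, unmasked = demo()
    print("plain   :", [f"{b:02x}" for b in plain])
    print("masked  :", [f"{b:02x}" for b in masked])
    print("unmasked:", [f"{b:02x}" for b in unmasked])
```

A fresh seed per encryption gives a fresh σ, so the values a probe or power trace sees at any intermediate point are σ-images under a map the attacker does not know, which is the "common output for common input" property the abstract relies on. Note that because σ is affine rather than linear, XOR in the transformed domain must absorb the constant a, which is why the dual cipher carries its own xor rather than reusing the plain one.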
Similar sources
Comprehensive Evaluation of AES Dual Ciphers as a Side-Channel Countermeasure
Because of the isomorphisms in GF(2^8) there exist 240 different non-trivial dual ciphers of AES. While keeping the in- and outputs of a dual cipher equal to the original AES, all the intermediate values and operations can be different from those of the original one. A comprehensive list of these dual ciphers is given by an article presented at ASIACRYPT 2002, where it is mentioned that they might b...
Coordinate Blinding over Large Prime Fields
In this paper we propose a multiplicative blinding scheme for protecting implementations of a scalar multiplication over elliptic curves. Specifically, this blinding method applies to elliptic curves in the short Weierstraß form over large prime fields. The described countermeasure is shown to be a generalization of the use of random curve isomorphisms to prevent side-channel analysis, and our ...
Virtual Secure Circuit: Porting Dual-Rail Pre-charge Technique into Software on Multicore
This paper discusses a novel direction for multicore cryptographic software, namely the use of multicore to protect a design against side-channel attacks. We present a technique which is based on the principle of dual-rail pre-charge, but which can be completely implemented in software. The resulting protected software is called a Virtual Secure Circuit (VSC). Similar to the dual-rail pre-charg...
Software mitigations to hedge AES against cache-based software side channel vulnerabilities
Hardware side channel vulnerabilities have been studied for many years in the embedded silicon-security arena, including SmartCards, SetTop-boxes, etc. However, because various recent security activities have goals of improving the software isolation properties of PC platforms, software side channels have become a subject of interest. Recent publications discussed cache-based software side channel v...
First-Order Side-Channel Attacks on the Permutation Tables Countermeasure
The use of random permutation tables as a side-channel attack countermeasure was recently proposed by Coron [6]. The countermeasure operates by ensuring that during the execution of an algorithm, each intermediate variable that is handled is in a permuted form described by the random permutation tables. In this paper, we examine the application of this countermeasure to the AES algorithm as des...
Journal: IACR Cryptology ePrint Archive
Volume 2005, Issue -
Pages -
Publication date: 2005