Recently, various side-channel attacks on widely used encryption methods have been discovered. Extensive research is currently undertaken to develop new types of combined encryption and authentication mechanisms. Developers of security systems ask whether to implement methods recommended by international standards or to choose one of the new proposals. We explain the nature of the attacks and h...

This paper presents the results of three kinds of side-channel attacks, experimentally made against software-implemented ciphers on INSTAC-8 Compliant Board. INSTAC-8 is the standard evaluation platform, newly designed by the Information Technology Research and Standardization Center (INSTAC; a division of Japan Standards Association), to test Side-channel attack against the software-implemente...

Masking is a widespread countermeasure to protect implementations of block-ciphers against side-channel attacks. Several masking schemes have been proposed in the literature that rely on the efficient decomposition of the underlying s-box(es). We propose a generalized decomposition method for s-boxes that encompasses several previously proposed methods while providing new trade-offs. It allows ...

This paper describes very efficient attacks on plain RSA encryption as usually described in textbooks. These attacks exploit side channels caused by implementations that, during decryption, incorrectly make certain assumption on the size of message. We highlight different assumptions that are easily made when implementing plain RSA decryption and present corresponding attacks. These attacks mak...

We show that a randomized addition-subtraction chains countermeasure against side channel attacks is vulnerable to SPA attack, a kind of side channel attack, under distinguishability between addition and doubling. A side channel attack is an attack that takes advantage of information leaked during execution of a cryptographic procedure. The randomized addition-subtraction chains countermeasure ...

cryptographic implementations, as is shown by frequent (and in some cases catastrophic) security breaches directly attributed to implementation errors in widely used cryptographic libraries [L1,L2]. One of the causes of these breaches in widely tested software is the semantic gap between theoretical cryptographic specifications and their concrete implementations. Effectively closing this gap is...

This paper will attempt to explain some of the side-channel attack techniques in a fashion that is easily comprehensible by the layman. What follows is a presentation of three different attacks (power, timing and fault attacks) that can be carried out on cryptographic devices such as smart-cards. For each of the three attacks covered, a puzzle and it‘s solution will be given, which will act as ...

Since the introduction of side-channel attacks in the nineties, RSA implementations have been a privileged target. A wide variety of countermeasures have been proposed and most of practical attacks are nowadays efficiently defeated by them. However, in a recent work published at ICICS 2010, Clavier et al. have pointed out that almost all the existing countermeasures were ineffective if the atta...

YI-NING LIU, WEI GUO, CHI CHENG, CHINGFANG HSU, JUN-YAN QIAN AND CHANG-LU LIN Guangxi Key Lab of Trusted Software Guilin University of Electronic Technology Guilin, 541004 P.R. China School of Computer Science China University of Geosciences Wuhan, 430074 P.R. China Computer School Central China Normal University Wuhan, 430079 P.R. China College of Mathematics and Computer Science Fujian Normal...

This paper presents a version of the 2k-ary modular exponentiation algorithm that is secure against current methods of side-channel analysis that can be applied to PCs (the so-called micro-architectural attacks). Some optimisations to the basic algorithm are also proposed to improve the efficiency of an implementation. The proposed algorithm is compared to the current implementation of OpenSSL,...