August 9, 2018 –
Title: Practicality and Application of the Algebraic Side-Channel Attack
Student: Chujiao Ma
Major Advisor: Dr. John Chandy
Associate Advisors: Dr. Laurent Michel, Dr. Bing Wang
Date/Time: August 9, 2018 10:00 am
Location: IPB 301
Algebraic Side-Channel Attack (ASCA) is a side-channel attack that models the cryptographic algorithm and side-channel leakage from the system as a set of equations, then solves for the secret key. Unlike pure side-channel attacks, ASCA has low data complexity and can succeed in unknown plaintext/ciphertext scenarios. However, past research on ASCA has been done on either 8-bit microcontroller data or simulated data. In this paper, we explore the application and feasibility of error tolerant ASCA on field-programmable gate array (FPGA). FPGA runs faster and is more difficult for encryption power trace to be isolated so it presents more of a challenge for the attacker. Since FPGA is as susceptible to ASCA as 8-bit micro-controllers, the attack could have widespread implications since it may be applicable to other hardware platforms as well.
While algebraic side-channel attack (ASCA) has been successful in breaking simple cryptographic algorithms, it has never been done on larger or more complex algorithms such as Twofish. Compared to other algorithms that ASCA has been used on, Twofish is more difficult to attack due to the key-dependent S-boxes as well as the complex key scheduling. In this paper, we propose the first algebraic side-channel attack on Twofish, and examine the importance of side-channel information in getting past the key-dependent S-boxes and the complex key scheduling.
While ASCA is feasible on a variety of platforms, it is susceptible to error and the complexity of the model may drastically increase the runtime as well as the memory consumption. In this paper, we explore the attack by examining the importance of various Hamming weights in terms of success of the attack, which also allows us to gain insights into possible areas of focus for countermeasures, as well as successfully launch ASCA on AES with a larger error tolerance.