On the Duality of Probing and Fault Attacks
In this work we investigate the problem of simultaneous privacy and integrity protection in cryptographic circuits. We consider a white-box scenario with a powerful, yet limited attacker. A concise metric for the level of probing and fault security is introduced, which is directly related to the capabilities of a realistic attacker. In order to investigate the interrelation of probing and fault security we introduce a common mathematical framework based on the formalism of information and coding theory. The framework unifies the known linear masking schemes. We prove a central theorem about the properties of linear codes which leads to optimal secret sharing schemes. These schemes provide the lower bound for the number of masks needed to counteract an attacker with a given strength. The new formalism reveals an intriguing duality principle between the problems of probing and fault security, and provides a unified view on privacy and integrity protection using error detecting codes. Finally, we introduce a new class of linear tamper-resistant codes. These are able to preserve security against an attacker mounting simultaneous probing and fault attacks.
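The probing side of the abstract can be checked directly for the simplest linear masking scheme, Boolean masking with d masks. The following is an added example (not code from the paper): it enumerates every combination of secret bit and masks, computes the exact mutual information between the secret and any chosen set of probed shares, and derives the probing security order from it. Wire names, the choice of a single secret bit and the uniform-mask model are assumptions of the example.

```python
from collections import Counter
from itertools import combinations, product
from math import log2


def share(x, masks):
    """d-th order Boolean masking: shares (m_1, ..., m_d, x ^ m_1 ^ ... ^ m_d)."""
    last = x
    for m in masks:
        last ^= m
    return tuple(masks) + (last,)


def unshare(shares):
    """Recombine: XOR of all shares gives x back."""
    v = 0
    for s in shares:
        v ^= s
    return v


def mutual_information_bits(d, probes):
    """I(X; S_probes) in bits for a uniform secret bit and uniform masks,
    computed exactly by enumerating all 2^(d+1) (x, masks) combinations.
    probes is a tuple of share indices the attacker reads (the probed wires)."""
    joint = Counter()
    for x, masks in product((0, 1), product((0, 1), repeat=d)):
        observed = tuple(share(x, masks)[i] for i in probes)
        joint[(x, observed)] += 1
    total = sum(joint.values())
    px, py = Counter(), Counter()
    for (x, y), c in joint.items():
        px[x] += c
        py[y] += c
    # p(x,y) / (p(x) p(y)) == c * total / (px * py)
    return sum((c / total) * log2(c * total / (px[x] * py[y]))
               for (x, y), c in joint.items())


def probing_security_order(d):
    """Largest t such that no set of t probed shares carries information
    about x.  With d masks the expected answer is exactly d: every set of
    d shares is independent of x, all d + 1 shares together reveal it."""
    n = d + 1
    for t in range(1, n + 1):
        for probes in combinations(range(n), t):
            if mutual_information_bits(d, probes) > 1e-12:
                return t - 1
    return n


if __name__ == "__main__":
    for d in (1, 2, 3):
        print(f"{d} mask(s): probing security order {probing_security_order(d)}")
    print("all three shares of a 2-mask scheme leak",
          mutual_information_bits(2, (0, 1, 2)), "bit")
```

The check is exhaustive rather than statistical, so a zero really is zero; the same function can be pointed at any other linear sharing by swapping out `share`, which is the practical way to confirm that a claimed masking order holds for the wires an attacker can actually reach.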
Combining Certain Nonlinear Feedback Shift Registers
Abstract. Stream ciphers that deploy linear feedback shift registers (LFSRs) have been shown to be vulnerable under fast correlation attacks [20], [21], [14], algebraic attacks [7], [28], fast algebraic attacks [6], [1], and fault attacks [13]. We discuss certain nonlinear feedback shift registers (NLFSRs) recommended as substitutes for LFSRs in stream cipher systems.
Göttfert: Linear filtering of nonlinear shift register sequences
Abstract. Nonlinear n-stage feedback shift-register sequences over the finite field Fq of period q^n - 1 are investigated under linear operations on sequences. We prove that all members of an easily described class of linear combinations of shifted versions of these sequences possess useful properties for cryptographic applications: large periods, large linear complexities and good distribution properties. They typically also have good maximum order complexity values as has been observed experimentally. A running key generator is introduced based on certain nonlinear feedback shift registers with modifiable linear feedforward output functions.
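To make the objects of the two preceding abstracts concrete, here is an added example (not code from either paper) for the binary case q = 2 with a register of length N = 4, which is small enough to enumerate every nonsingular feedback function s[t+N] = s[t] XOR g(s[t+1], ..., s[t+N-1]). It finds the registers whose nonzero states form a single cycle of length 2^N - 1, separates the linear ones (ordinary LFSRs) from the nonlinear ones, measures linear complexity with Berlekamp-Massey, and applies a linear feedforward output function to an LFSR to show why that alone does not raise linear complexity. The register length, the truth-table encoding of g and the tap set (0, 2) are choices of the example.

```python
N = 4  # register length; small enough to enumerate every feedback function

START = (0,) * (N - 1) + (1,)


def nlfsr_step(state, g):
    """One clock of s[t+N] = s[t] XOR g(s[t+1], ..., s[t+N-1]).
    state is (s[t], ..., s[t+N-1]); g is the truth table of the (N-1)-variable
    function as an int, bit index = s[t+1]<<(N-2) | ... | s[t+N-1]."""
    idx = 0
    for bit in state[1:]:
        idx = (idx << 1) | bit
    feedback = state[0] ^ ((g >> idx) & 1)
    return state[1:] + (feedback,)


def is_primitive(g):
    """The definition used for Achterbahn: the register has a cycle of
    length 2^N - 1 that contains every nonzero N-tuple."""
    state, seen = START, set()
    for _ in range(2 ** N - 1):
        seen.add(state)
        state = nlfsr_step(state, g)
    return state == START and len(seen) == 2 ** N - 1 and (0,) * N not in seen


def sequence(g, length):
    """Output sequence s[0], s[1], ... of the register started from START."""
    state, out = START, []
    for _ in range(length):
        out.append(state[0])
        state = nlfsr_step(state, g)
    return out


def feedforward(bits, taps):
    """Linear feedforward output u[t] = XOR of s[t+k] for k in taps."""
    span = max(taps)
    return [sum(bits[t + k] for k in taps) & 1 for t in range(len(bits) - span)]


def period(bits):
    """Least period of a sample that contains at least two full periods."""
    n = len(bits)
    for p in range(1, n // 2 + 1):
        if all(bits[i] == bits[i + p] for i in range(n - p)):
            return p
    raise ValueError("no period found within half the sample")


def linear_complexity(bits):
    """Berlekamp-Massey over GF(2): length of the shortest LFSR generating
    bits.  Feed at least two periods to obtain the true linear complexity."""
    n = len(bits)
    c, b = [1] + [0] * n, [1] + [0] * n
    L, m = 0, -1
    for i in range(n):
        d = bits[i]
        for j in range(1, L + 1):
            d ^= c[j] & bits[i - j]
        if d:
            t = c[:]
            for j in range(n - i + m):
                c[j + i - m] ^= b[j]
            if 2 * L <= i:
                L, m, b = i + 1 - L, i, t
    return L


def is_linear(g):
    """True if g is an XOR of a subset of its N-1 inputs (the LFSR case)."""
    for mask in range(2 ** (N - 1)):
        table = 0
        for x in range(2 ** (N - 1)):
            table |= (bin(x & mask).count("1") & 1) << x
        if table == g:
            return True
    return False


def survey():
    """Classify every g: (number of primitive registers, how many are LFSRs,
    smallest linear complexity among the nonlinear primitive ones)."""
    primitive = [g for g in range(2 ** (2 ** (N - 1))) if is_primitive(g)]
    lfsr = [g for g in primitive if is_linear(g)]
    nonlinear_lc = [linear_complexity(sequence(g, 3 * (2 ** N - 1)))
                    for g in primitive if g not in lfsr]
    return len(primitive), len(lfsr), min(nonlinear_lc)


if __name__ == "__main__":
    n_prim, n_lin, min_lc = survey()
    print(f"{n_prim} primitive registers of length {N}, {n_lin} of them linear")
    print(f"smallest linear complexity of a nonlinear primitive register: {min_lc}")
    x4_x_1 = 0xF0  # g = s[t+1], i.e. the LFSR with polynomial x^4 + x + 1
    s = sequence(x4_x_1, 45)
    u = feedforward(s, (0, 2))
    print("LFSR: period", period(s), "LC", linear_complexity(s),
          "| feedforward s[t]^s[t+2]: period", period(u), "LC", linear_complexity(u))
```

For N = 4 the survey finds 16 primitive registers (the number of de Bruijn cycles of order 4), of which only x^4 + x + 1 and x^4 + x^3 + 1 are linear; every nonlinear one has linear complexity above 4, because a period-15 sequence of linear complexity 4 would be generated by a primitive LFSR and its feedback would coincide with g on every nonzero state. Applying a linear feedforward function to an LFSR sequence merely produces another shift of the same m-sequence (period 15, linear complexity 4), which is why the nonlinear registers are needed for the feedforward construction in the abstracts above to pay off.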
ACHTERBAHN: A Proposal for a Profile 2 Stream Cipher to ECRYPT's Call for Stream Cipher Primitives
We propose a new additive binary stream cipher called Achterbahn. The keystream generator (KSG) consists of eight primitive binary nonlinear feedback shift registers (NLFSRs). A binary N-stage feedback shift register is called primitive if it has a cycle of length 2^N - 1 containing all binary nonzero N-tuples. Each shift register has a configurable linear feedforward output function. The output sequences of the shift registers are combined by a balanced 4th-order correlation immune Boolean combining function of eight variables and of algebraic degree three. Due to the modifiable shift register output functions, the KSG is able to produce an ensemble of 2^64 (respectively of 2^80) cyclically inequivalent sequences. All sequences have periods larger than 2^207 and linear complexities larger than 2^85. The size of the secret key is 80 bits. The feedback functions of the driving NLFSRs promote fast hardware implementations. In the high-speed implementation a throughput of more than 8 Gbps is reached.
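The three properties claimed for the combining function (balanced, 4th-order correlation immune, algebraic degree three) are exactly what a reviewer would verify before accepting a combiner, since an output correlated with a few register outputs is what correlation attacks exploit. The abstract does not give the function itself, so the following added example (not code from the Achterbahn proposal) implements the checks on a 5-variable stand-in of the same shape, a linear part plus a quadratic part, and on a deliberately leaky 3-variable combiner: the Walsh spectrum for balancedness and correlation immunity order (Xiao-Massey), the Moebius transform for algebraic degree, and Siegenthaler's bound deg <= n - m - 1 relating the three. The example functions are constructed for illustration.

```python
from itertools import product


def truth_table(f, n):
    """f on every input x = (x1, ..., xn); index i has x1 as its most significant bit."""
    return [f(*x) for x in product((0, 1), repeat=n)]


def walsh_spectrum(tt, n):
    """W_f(w) = sum over x of (-1)^(f(x) xor <w, x>) for every w in F_2^n.
    W_f(w) / 2^n is the correlation of f with the linear function <w, x>."""
    inputs = list(product((0, 1), repeat=n))
    spectrum = {}
    for w in inputs:
        total = 0
        for x, fx in zip(inputs, tt):
            dot = sum(wi & xi for wi, xi in zip(w, x)) & 1
            total += -1 if fx ^ dot else 1
        spectrum[w] = total
    return spectrum


def is_balanced(f, n):
    return sum(truth_table(f, n)) == 2 ** (n - 1)


def correlation_immunity_order(f, n):
    """Xiao-Massey: f is m-th order correlation immune iff W_f(w) = 0 for
    every w with 1 <= wt(w) <= m.  Returns the largest such m."""
    spectrum = walsh_spectrum(truth_table(f, n), n)
    for k in range(1, n + 1):
        if any(val != 0 for w, val in spectrum.items() if sum(w) == k):
            return k - 1
    return n


def algebraic_degree(f, n):
    """Degree of the algebraic normal form, via the binary Moebius transform."""
    anf = truth_table(f, n)
    for i in range(n):
        bit = 1 << i
        for j in range(2 ** n):
            if j & bit:
                anf[j] ^= anf[j ^ bit]
    return max((bin(j).count("1") for j in range(2 ** n) if anf[j]), default=0)


def siegenthaler_bound(n, m):
    """Largest algebraic degree a balanced m-th order CI function of n variables can have."""
    return n - m - 1


# Constructed stand-in: linear part x1+x2+x3 plus quadratic part x4*x5.
def combiner5(x1, x2, x3, x4, x5):
    return x1 ^ x2 ^ x3 ^ (x4 & x5)


# Constructed leaky combiner: output correlates with the single input x3.
def leaky3(x1, x2, x3):
    return (x1 & x2) ^ x3


if __name__ == "__main__":
    for name, f, n in (("combiner5", combiner5, 5), ("leaky3", leaky3, 3)):
        print(name, "balanced:", is_balanced(f, n),
              "CI order:", correlation_immunity_order(f, n),
              "degree:", algebraic_degree(f, n),
              "Siegenthaler bound:", siegenthaler_bound(n, correlation_immunity_order(f, n)))
    print("8 variables, 4th-order CI, balanced: degree at most", siegenthaler_bound(8, 4))
```

The stand-in is balanced, 2nd-order correlation immune and of degree 2, which meets Siegenthaler's bound with equality for n = 5; the leaky combiner has correlation 4/8 = 1/2 with x3, so its Walsh coefficient at the weight-1 vector (0, 0, 1) is nonzero and its immunity order is 0. For the parameters in the abstract, n = 8 and m = 4, the bound gives a maximum degree of 3, which is the degree the proposal states.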
The Achterbahn Stream Cipher
Contents
1 Introduction
1.1 A brief description of the keystream generator
2 Preliminaries
3 Detailed description of the keystream generator
3.1 The Boolean combining function
3.2 The feedback shift registers
3.3 The linear feedforward functions
3.4 Linear complexity and period of the keystream
3.5 The reduced keystream generator
4 The key-loading algorithm
5 Security properties
6 Parallel implementation
7 Comparison of hardware designs
7.1 Area and power
7.2 Throughput
7.3 Implementation efficiency
7.4 Scalability
7.5 Discussion
8 Mathematical Background
9 Conclusion
1 Introduction
The proposed stream cipher Achterbahn is a binary additive stream cipher. In a binary additive stream c
Side-channel leakage of masked CMOS gates
Abstract. There are many articles and patents on the masking of logic gates. However, the existing publications assume that a masked logic gate switches its output no more than once per clock cycle. Unfortunately, this assumption usually does not hold true in practice. In this article, we show that glitches occurring in circuits of masked gates make these circuits susceptible to classical first-order DPA attacks. Besides a thorough theoretical analysis of the DPA-resistance of masked gates in the presence of glitches, we also provide simulation results that confirm the theoretical elaborations. Glitches occur in every CMOS circuit. Consequently, the currently known masking schemes for CMOS gates do not prevent DPA attacks.
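The mechanism in the abstract can be reproduced with a few lines of simulation. The following added example (not the paper's own model or code) evaluates a masked AND gate, q = (am & bm) ^ (am & mb) ^ (ma & bm) ^ (ma & mb) ^ mq with am = a ^ ma and bm = b ^ mb, under two timing assumptions: all five inputs switch at once (the single-transition assumption the abstract criticises), or they arrive one after another in a fixed order and the gate re-evaluates after each arrival (a glitch). Inputs are assumed to start at 0 at the beginning of the cycle, masks are uniform, and the toggle count of q stands in for dynamic power. The final value of q is correctly masked in both cases; only the number of transitions differs.

```python
from fractions import Fraction
from itertools import product


def masked_and(am, ma, bm, mb, mq):
    """Masked AND gate: inputs am = a^ma, bm = b^mb, output (a & b) ^ mq,
    written as the four partial products a masked gate actually computes."""
    return (am & bm) ^ (am & mb) ^ (ma & bm) ^ (ma & mb) ^ mq


def output_transitions(new_inputs, arrival_order):
    """Toggles of q while the inputs settle.  Assumption: all inputs are 0 at
    the start of the cycle and switch to their new values group by group in
    arrival_order; the gate re-evaluates after every group."""
    current = dict.fromkeys(new_inputs, 0)
    q_prev, toggles = masked_and(**current), 0
    for group in arrival_order:
        for name in group:
            current[name] = new_inputs[name]
        q = masked_and(**current)
        toggles += int(q != q_prev)
        q_prev = q
    return toggles


def expected_transitions(a, b, arrival_order):
    """Mean toggle count for unmasked inputs (a, b), averaged over uniform masks."""
    total = Fraction(0)
    for ma, mb, mq in product((0, 1), repeat=3):
        new = dict(am=a ^ ma, ma=ma, bm=b ^ mb, mb=mb, mq=mq)
        total += output_transitions(new, arrival_order)
    return total / 8


GLITCH_FREE = [("am", "ma", "bm", "mb", "mq")]            # everything arrives at once
STAGGERED = [("am",), ("ma",), ("bm",), ("mb",), ("mq",)]  # one signal per step


def leakage_table(arrival_order):
    """(a, b) -> expected toggles.  A first-order DPA attacker averages power
    per hypothesis, so any dependence on (a, b) here is directly exploitable."""
    return {(a, b): expected_transitions(a, b, arrival_order)
            for a in (0, 1) for b in (0, 1)}


def first_order_leaks(arrival_order):
    return len(set(leakage_table(arrival_order).values())) > 1


def masking_is_correct():
    """Final output equals (a & b) ^ mq for every input and mask combination."""
    return all(masked_and(a ^ ma, ma, b ^ mb, mb, mq) == (a & b) ^ mq
               for a, b, ma, mb, mq in product((0, 1), repeat=5))


if __name__ == "__main__":
    print("masking functionally correct:", masking_is_correct())
    for name, order in (("glitch-free", GLITCH_FREE), ("staggered", STAGGERED)):
        table = leakage_table(order)
        print(name, {k: str(v) for k, v in table.items()},
              "-> first-order leak" if first_order_leaks(order) else "-> no leak")
```

With simultaneous arrival every (a, b) yields 1/2 expected toggles, so the mean power is independent of the secret. With staggered arrival the expected count is 1/2 for a = 0 but 3/2 for a = 1: once am and ma are present, the arrival of bm exposes a & bm and the later arrival of mb corrects it to a & b, each step toggling q only when a = 1. The masks are never wrong; the extra transitions are what leak.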