
Empirical Evaluation of the Resilience of Novel S-Box Implementations Against Power Side-Channel Attacks

Samuele Yves Cerini

Empirical Evaluation of the Resilience of Novel S-Box Implementations Against Power Side-Channel Attacks.

Supervisor: Paolo Ernesto Prinetto. Politecnico di Torino, Master's degree programme in Ingegneria Informatica (Computer Engineering), 2021

PDF (Tesi_di_laurea) - Thesis
License: Creative Commons Attribution Non-commercial No Derivatives.

Abstract:

The increasing pervasiveness of embedded and IoT devices, and the consequent growth in the amount of data to be processed and exchanged, mandate a systematic use of cryptography to ensure the confidentiality, authenticity and integrity of communications. Over time, cryptographic techniques have improved considerably, so that cryptanalytic attacks are no longer feasible in a reasonable time. On the other hand, this pervasive diffusion of devices makes it more likely that an attacker is in physical proximity to, or in some cases in possession of, the components. This has enabled a plethora of attacks aimed at weaknesses in the physical implementation of devices rather than in the mathematical algorithms, in a way that cryptographers simply could not have accounted for. Researchers have demonstrated that secrets processed inside chips can be retrieved with a novel class of attacks, called side-channel analysis. These are carried out by observing physical parameters emitted by a hardware component, such as the time taken by a cryptographic operation, the power consumption required, or the electromagnetic and acoustic emissions. By combining such physical “clues”, an attacker can potentially retrieve the secret without resorting to cryptanalytic exploits or brute-force attacks. Since such physical quantities cannot be completely hidden from the surrounding environment, obfuscation approaches can make attack attempts hard enough to be no longer worthwhile. Along with the existing physical-layer countermeasures adopted by chip designers, cryptographers have devised new variants of the best-known cryptographic algorithms, such as AES, trying to reduce side-channel emissions at the logical level. Specifically for AES, the main target for improvement is the S-Box, the core non-linear component of the cipher, which already provides the necessary entropy against cryptanalysis (following Shannon’s confusion and diffusion principle).
Recent studies combine the existing properties of S-Boxes with resilience against side-channel attacks, demonstrating the effectiveness of such novel structures from a mathematical point of view. Still, an in-field empirical proof of these enhancements is not clearly present in the state of the art. This work aims to explore these latest improvements to the AES algorithm, studying novel S-Box implementations and finally empirically demonstrating their theoretical claims and effectiveness against power side-channel attacks. To this end, a dedicated platform was employed: the ChipWhisperer Lite board. ChipWhisperer is designed to perform side-channel attacks based on device power consumption and is widely used by both researchers and hardware hackers thanks to its flexibility, broad capabilities and very low cost. The experiments were conducted on a pre-existing software implementation of AES-128 in which the original S-Box was replaced with the new structures. The new variants of the algorithm were then run on an Atmel 8-bit microcontroller, using the ChipWhisperer board to collect the power traces of the various executions. The results were finally compared with those produced by the standard version of AES.
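As an added illustration of the kind of empirical comparison the abstract describes (example code, not from the thesis), the following Python models the first-round SubBytes leakage of an 8-bit software AES as the Hamming weight of the S-Box output plus Gaussian noise, then measures how many simulated traces a correlation-based evaluation needs before the true key byte ranks first; any candidate S-Box (a 256-entry bijection) can be passed in place of aes_sbox() to compare trace counts. The Hamming-weight model, the correlation metric, the key byte 0x2B and the noise level are assumptions of this example, not details taken from the thesis.

```python
import random

def gf_mul(a, b):
    """Multiply in GF(2^8) modulo the AES polynomial x^8 + x^4 + x^3 + x + 1."""
    r = 0
    while b:
        r ^= a * (b & 1)
        a = (a << 1) ^ (0x11B if a & 0x80 else 0)
        b >>= 1
    return r

def aes_sbox():
    """Standard AES S-Box: multiplicative inverse, then the affine map (XOR of 1..4-bit rotations and 0x63)."""
    box = []
    for x in range(256):
        inv = next((y for y in range(256) if gf_mul(x, y) == 1), 0)
        s = 0x63
        for i in range(5):
            s ^= ((inv << i) | (inv >> (8 - i))) & 0xFF
        box.append(s)
    return box

def hw(v): return bin(v).count("1")

def simulate_traces(sbox, key, n, sigma, seed=1):
    """Constructed traces: one sample per encryption, HW(S[p ^ key]) plus Gaussian noise (assumed leakage model)."""
    rng = random.Random(seed)
    pts = [rng.randrange(256) for _ in range(n)]
    return pts, [hw(sbox[p ^ key]) + rng.gauss(0, sigma) for p in pts]

def pearson(xs, ys):
    mx, my = sum(xs) / len(xs), sum(ys) / len(ys)
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    var = sum((x - mx) ** 2 for x in xs) * sum((y - my) ** 2 for y in ys)
    return cov / var ** 0.5 if var else 0.0

def key_rank(sbox, pts, traces, key):
    """Rank (0 = best) of the true key byte among all 256 hypotheses, by |correlation|."""
    scores = [abs(pearson([hw(sbox[p ^ k]) for p in pts], traces)) for k in range(256)]
    return sum(s > scores[key] for s in scores)

def traces_to_recover(sbox, key, sigma, step=50, limit=2000):
    """Smallest trace count (in steps of `step`) at which the true key ranks first; None if never within limit."""
    for n in range(step, limit + 1, step):
        pts, traces = simulate_traces(sbox, key, n, sigma)
        if key_rank(sbox, pts, traces, key) == 0:
            return n
    return None

if __name__ == "__main__":  # 0x2B and sigma 1.0 are constructed sample values
    print("AES S-Box: traces needed to recover the key byte =", traces_to_recover(aes_sbox(), 0x2B, 1.0))
```

A larger trace count for the same noise level indicates a more resilient S-Box under this simple model; real ChipWhisperer traces replace simulate_traces() with measured samples.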

Supervisors: Paolo Ernesto Prinetto
Academic year: 2020/21
Publication type: Electronic
Number of pages: 75
Subjects:
Degree programme: Master's degree programme in Ingegneria Informatica (Computer Engineering)
Degree class: New system > Master's degree > LM-32 - INGEGNERIA INFORMATICA (Computer Engineering)
Collaborating companies: NOT SPECIFIED
URI: http://webthesis.biblio.polito.it/id/eprint/18156