Security evaluation of side-channel resistance for symmetric ciphers using experimental and theoretical approaches (Japanese title: A study on the security evaluation of side-channel analysis resistance of symmetric-key ciphers using experimental and theoretical methods)
In this thesis, the security evaluation of side-channel resistance for symmetric ciphers is studied with the aim of implementing cryptographic algorithms in security devices such as smart cards. A side-channel attack (SCA) exploits physical leakage, such as the power consumption of a cryptographic implementation during its computation, in order to reveal a secret key held in a security device. Many attack methods and countermeasures for SCAs have recently been proposed, and security devices that require high security, such as smart cards, must be evaluated for resistance to SCAs using the evaluation techniques established in the international standard ISO/IEC 15408. Studies of SCAs are therefore of significance to both academia and industry. There are various types of SCAs that exploit unintentional physical leakage from security devices, such as power analysis (PA) attacks, electromagnetic analysis (EM) attacks, timing attacks (TA) (or cache-timing attacks (CTA)), and fault analysis (FA) attacks. This thesis focuses on FA attacks. FA attacks are powerful methods in which faults can be precisely induced in security devices using, for example, a laser beam; however, the equipment is expensive and expertise is needed to control it. Consequently, compared with other SCAs, few studies of fault injection methods using inexpensive equipment have been proposed. Furthermore, theoretical evaluation techniques are required to design countermeasures; however, it is not clear that every cipher can be attacked using the existing FA attack methods. In this thesis, we study the following evaluations from theoretical and experimental approaches.

1. We propose a reproducible fault injection method using inexpensive equipment, and we show the characteristics of fault occurrence in hardware implementations of six representative block ciphers through experiments using the proposed method.

In previous studies, fault injection methods using inexpensive means such as an irregular clock were proposed; however, the results depended on each experimental environment, and no reproducible experimental method, in which the same byte faults can be induced at the same timing in any experiment, had been proposed. Thus, the properties of fault occurrence in hardware implementations of block ciphers were not clear, and it was unknown whether the one-byte faults frequently assumed in theoretical studies can be induced arbitrarily and stably using an irregular clock. In this thesis, we propose a fault injection method by which faults can be induced at the same point of the cryptographic algorithm in any experiment, by synchronizing the fault injection timing with the execution timing of the cryptographic calculation. We precisely control the phase difference between two clocks generated from the cryptographic device's own clock source, which allows us to stably induce the same number of faulty bytes. The proposed method therefore yields reproducible results. Furthermore, using the proposed method, we show the fault occurrences in hardware implementations on an LSI on which six representative block ciphers are implemented with a loop architecture, a general hardware implementation method. As a result, we show that the width of the irregular clock is related to the number of induced faulty bytes, and that we can stably induce faults of any number of bytes, including the one-byte fault frequently assumed in theoretical studies. The proposed method is a versatile approach that can be applied to other ciphers implemented with a synchronous design. This study thus contributes to the development of experimental evaluation methods for FA attacks. It also contributes to the development of theoretical evaluation studies of FA attacks, because its experimental results indicate the types of faults induced in hardware implementations.

2. We evaluate theoretical FA attack methods against block-cipher-based stream ciphers for revealing a secret key, taking the stream cipher MUGI as a case study.

In previous studies, it was considered that a secret key could not be extracted by FA attacks from stream ciphers based on a block-cipher structure, because the size of the unknown internal state is larger than that of the known output at each cycle. Consequently, there are few studies of countermeasures for this kind of cipher. In this thesis, we first propose theoretical FA attacks on stream ciphers based on block-cipher structures by analyzing their fault propagation and the structural characteristics of MUGI. Using the proposed attack methods, we can recover the entire internal state and the secret key with 13 fault injections, a number considered practical. We also show, from simulation results on a PC, that the secret key can be extracted within a minute, which is a feasible computation time. These results show that dedicated countermeasures are required when implementing stream ciphers based on a block-cipher structure, because such ciphers can be broken using FA attacks. This study contributes to the development of the countermeasures required to implement cryptographic algorithms securely.

3. We evaluate the feasibility of a more powerful attack that combines FA attacks with other SCAs.

Recently, to provide high functionality, security devices such as smart cards are expected to be equipped with cache memory. Devices using cache memory may then be targeted by CTAs to extract the secret key embedded in the smart card. In this thesis, we evaluate the attack cost when FA attacks and CTAs are combined. The results of the theoretical evaluation show that a secret key can be extracted more efficiently using the combined attack than using either attack alone. These results suggest that a combination of FA attacks and CTAs will become a more serious threat. This study contributes to the development of SCA techniques, because we show the possibility of a new attack in which multiple SCAs are combined.

This series of studies contributes to the development of evaluation methods and countermeasures for SCAs, and thereby to improving the security level achieved when cryptographic algorithms are implemented in security devices.