WO2001031422A3 - Method for protection against analysis of unintended side-channel signals - Google Patents


Info

Publication number
WO2001031422A3
Authority
WO
WIPO (PCT)
Prior art keywords
mapping
data
algorithm
modulo
vectors
Prior art date
Application number
PCT/ZA2000/000192
Other languages
French (fr)
Other versions
WO2001031422A2 (en)
WO2001031422B1 (en)
Inventor
Willich Manfred Von
Original Assignee
Willich Manfred Von
Priority date: 1999-10-25
Filing date: 2000-10-19
Publication date: 2001-12-13
Application filed by Willich Manfred Von
Priority to JP2001533494A (JP2003513490A)
Priority to CA002388971A (CA2388971A1)
Priority to EA200200468A (EA003874B1)
Priority to AU23014/01A (AU773982B2)
Priority to EP00986837A (EP1226681A2)
Publication of WO2001031422A2
Publication of WO2001031422A3
Publication of WO2001031422B1

Classifications

    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07F COIN-FREED OR LIKE APPARATUS
    • G07F7/00 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008 Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/75 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by inhibiting the analysis of circuitry or operation
    • G06F21/755 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by inhibiting the analysis of circuitry or operation with measures against power attack
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/30 Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341 Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07F COIN-FREED OR LIKE APPARATUS
    • G07F7/00 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/0806 Details of the card
    • G07F7/0813 Specific details related to card security
    • G07F7/082 Features insuring the integrity of the data on or in the card
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07F COIN-FREED OR LIKE APPARATUS
    • G07F7/00 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/0806 Details of the card
    • G07F7/0833 Card having specific functional components
    • G07F7/084 Additional components relating to data transfer and storing, e.g. error detection, self-diagnosis
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07F COIN-FREED OR LIKE APPARATUS
    • G07F7/00 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1025 Identification of user by a PIN code
    • G07F7/1083 Counting of PIN attempts
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/002 Countermeasures against attacks on cryptographic mechanisms
    • H04L9/003 Countermeasures against attacks on cryptographic mechanisms for power analysis, e.g. differential power analysis [DPA] or simple power analysis [SPA]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618 Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0625 Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation with splitting of the data block into left and right halves, e.g. Feistel based algorithms, DES, FEAL, IDEA or KASUMI
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2207/00 Indexing scheme relating to methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F2207/72 Indexing scheme relating to groups G06F7/72 - G06F7/729
    • G06F2207/7219 Countermeasures against side channel or fault attacks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/16 Obfuscation or hiding, e.g. involving white box

Abstract

The invention provides a method to reduce the risk of unauthorized access to data, especially through side-channel observations analysed with statistical techniques, herein called DPA or Differential Power Analysis. The method includes the steps of modifying the ciphering algorithm implementation to operate on mapped data, initially mapping data, especially cryptographic keys, for storage, changing the data mapping from a prior data mapping by use of a secondary mapping, mapping incoming data for input to the modified algorithm implementation, and mapping data output from the modified algorithm for further use. The method results in enhanced secrecy. The data mapping and the secondary data mapping may be in the form of a lookup table, an algorithm with mapping-selection data, or the like. The data mapping may be implemented as cascaded mappings. The operations of the original algorithm can be modulo-m addition, modulo-m multiplication or modulo-2 addition of two vectors of n components. In the last case, the mapping applied to at least one of the vectors has the form x_i = A_i x + b_i, wherein A_i is any matrix having an inverse and b_i is a vector of n components.
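As an added worked example (not part of the patent text), the following Python shows the three mapping forms the abstract names: the affine mapping x_i = A_i x + b_i over GF(2)^n for the modulo-2 (XOR) case, with A an invertible matrix, and additive and multiplicative masks for modulo-m addition and multiplication. It also shows the "secondary mapping" step, switching from a prior mask b_old to a new mask b_new without ever reconstructing the plain value. The function names, the choice n = 8 (one byte), the GF(2) Gauss-Jordan helper and the sample operands are assumptions of this example, not anything the patent specifies.

```python
"""Added example (not from the patent): affine masking x' = A x xor b over
GF(2)^n for XOR-based operations, additive and multiplicative modulo-m masking,
and a secondary mapping that re-masks data without exposing it."""
import secrets

N = 8  # number of vector components (one byte); an assumption of this example


def gf2_matvec(cols, x):
    """Multiply an N x N GF(2) matrix (stored as N column bitmasks) by vector x."""
    y = 0
    for j in range(N):
        if (x >> j) & 1:
            y ^= cols[j]
    return y


def gf2_inverse(cols):
    """Gauss-Jordan elimination over GF(2). Returns inverse columns, or None if singular."""
    rows = [0] * N                      # row-wise copy of the matrix
    for j in range(N):
        for i in range(N):
            if (cols[j] >> i) & 1:
                rows[i] |= 1 << j
    inv = [1 << i for i in range(N)]    # identity, row-wise; becomes the inverse
    for c in range(N):
        pivot = next((r for r in range(c, N) if (rows[r] >> c) & 1), None)
        if pivot is None:
            return None                 # no pivot in this column: singular
        rows[c], rows[pivot] = rows[pivot], rows[c]
        inv[c], inv[pivot] = inv[pivot], inv[c]
        for r in range(N):
            if r != c and (rows[r] >> c) & 1:
                rows[r] ^= rows[c]
                inv[r] ^= inv[c]
    icols = [0] * N                     # convert inverse rows back to columns
    for i in range(N):
        for j in range(N):
            if (inv[i] >> j) & 1:
                icols[j] |= 1 << i
    return icols


def random_invertible_matrix():
    """Draw random column bitmasks until the matrix has an inverse over GF(2)."""
    while True:
        cols = [secrets.randbits(N) for _ in range(N)]
        inv = gf2_inverse(cols)
        if inv is not None:
            return cols, inv


# --- modulo-2 (XOR) case: mapping x' = A x xor b, A invertible ---
def map_xor(x, A, b):
    return gf2_matvec(A, x) ^ b


def unmap_xor(xm, A_inv, b):
    return gf2_matvec(A_inv, xm ^ b)


def masked_xor(xm, ym):
    """XOR of two operands mapped with the same A: A(x ^ y) ^ (bx ^ by)."""
    return xm ^ ym


def remask_xor(xm, b_old, b_new):
    """Secondary mapping: switch the mask b_old -> b_new without unmapping."""
    return xm ^ b_old ^ b_new


def xor_roundtrip(x, y, A, A_inv, bx, by):
    """Compute x ^ y entirely on mapped data, then unmap using the combined mask."""
    zm = masked_xor(map_xor(x, A, bx), map_xor(y, A, by))
    return unmap_xor(zm, A_inv, bx ^ by)


# --- modulo-m addition and multiplication ---
def add_roundtrip(x, y, rx, ry, m):
    """(x + rx) + (y + ry) mod m, then remove the combined additive mask rx + ry."""
    zm = ((x + rx) % m + (y + ry) % m) % m
    return (zm - (rx + ry)) % m


def mul_roundtrip(x, y, rx, ry, m):
    """(x*rx)*(y*ry) mod m, then multiply by the inverse of rx*ry (rx, ry coprime to m)."""
    zm = ((x * rx) % m) * ((y * ry) % m) % m
    return zm * pow((rx * ry) % m, -1, m) % m


if __name__ == "__main__":
    A, A_inv = random_invertible_matrix()
    bx, by = secrets.randbits(N), secrets.randbits(N)
    x, y = 0x53, 0xA7                                   # constructed sample operands
    print(hex(xor_roundtrip(x, y, A, A_inv, bx, by)))   # 0xf4, i.e. hex(0x53 ^ 0xA7)
    print(add_roundtrip(200, 100, 37, 211, 256))        # 44, i.e. (200 + 100) % 256
    print(mul_roundtrip(6, 7, 3, 5, 257))               # 42
```

Two points a practitioner should take from running it. First, because the masks bx and by are fresh random values, the mapped intermediates x', y' and x' ^ y' are each statistically independent of the plain data, which is what removes the correlation a DPA attack averages over; the combined mask bx ^ by is the only secret the unmapping step needs. Second, the multiplicative mask has an inherent blind spot: x = 0 is mapped to 0 regardless of rx, so purely multiplicative masking does not hide zero-valued operands, which is why implementations combine it with an additive mask or a re-mapping step such as remask_xor.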

Priority Applications (5)

Application Number Priority Date Filing Date Title
JP2001533494A JP2003513490A (en) 1999-10-25 2000-10-19 Data processing method resistant to data extraction by analyzing unintended side channel signals
CA002388971A CA2388971A1 (en) 1999-10-25 2000-10-19 Method for making data processing resistant to extraction of data by analysis of unintended side-channel signals
EA200200468A EA003874B1 (en) 1999-10-25 2000-10-19 Method for making data processing resistant to extraction of data by analysis of unintended side-channel signals
AU23014/01A AU773982B2 (en) 1999-10-25 2000-10-19 Method for making data processing resistant to extraction of data by analysis of unintended side-channel signals
EP00986837A EP1226681A2 (en) 1999-10-25 2000-10-19 Method for protection against analysis of unintended side-channel signals

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US16104799P 1999-10-25 1999-10-25
US60/161,047 1999-10-25

Publications (3)

Publication Number Publication Date
WO2001031422A2 (en) 2001-05-03
WO2001031422A3 (en) 2001-12-13 (this document)
WO2001031422B1 (en) 2002-01-10

Family

ID=22579586

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/ZA2000/000192 WO2001031422A2 (en) 1999-10-25 2000-10-19 Method for protection against analysis of unintended side-channel signals

Country Status (8)

Country Link
EP (1) EP1226681A2 (en)
JP (1) JP2003513490A (en)
CN (1) CN1413398A (en)
AU (1) AU773982B2 (en)
CA (1) CA2388971A1 (en)
EA (1) EA003874B1 (en)
WO (1) WO2001031422A2 (en)
ZA (1) ZA200202798B (en)

Families Citing this family (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7142670B2 (en) * 2001-08-14 2006-11-28 International Business Machines Corporation Space-efficient, side-channel attack resistant table lookups
EP1486026A1 (en) * 2002-03-07 2004-12-15 Axalto SA Method for making safe an electronic cryptography assembly with a secret key
FR2842376B1 (en) * 2002-07-10 2004-09-24 Somfy SELECTIVE COMMUNICATION BETWEEN OBJECTS
EP1457858A1 (en) * 2003-03-14 2004-09-15 SCHLUMBERGER Systèmes Method for securing an electronic system comprising a cryptoprocessor
DE10341096A1 (en) * 2003-09-05 2005-03-31 Giesecke & Devrient Gmbh Transition between masked representations of a value in cryptographic calculations
JP4604045B2 (en) * 2003-11-13 2010-12-22 マジック テクノロジーズ,インコーポレーテッド QKD with classic bit encryption
KR101061906B1 (en) * 2004-02-19 2011-09-02 삼성전자주식회사 Basic Computing Device and Method Safe for Power Analysis Attack
EP1596278A1 (en) * 2004-05-11 2005-11-16 Axalto SA Method to protect a cryptographic unit through homographic masking
FR2873523B1 (en) * 2004-07-22 2007-08-10 Sagem METHOD AND DEVICE FOR PERFORMING A CRYPTOGRAPHIC CALCULATION
DE102004043243A1 (en) * 2004-09-07 2006-03-23 Comvenient Gmbh & Co. Kg Method for protecting keys
EP1646174A1 (en) * 2004-10-07 2006-04-12 Axalto SA Method and apparatus for generating cryptographic sets of instructions automatically and code generation
CN101048969B (en) * 2004-10-28 2012-04-04 耶德托公司 Method and system for obfuscating a cryptographic function
JP2008181225A (en) * 2007-01-23 2008-08-07 Toshiba Corp Ic card
EP2255317B1 (en) * 2008-03-05 2013-05-15 Irdeto B.V. Cryptographic system
EP2525298B1 (en) * 2011-05-17 2016-07-13 Nxp B.V. Authentication method
EP2620890A1 (en) * 2012-01-25 2013-07-31 Gemalto SA Method for detecting a fault injected in hardware registers of an electronic device
DE102012018924A1 (en) 2012-09-25 2014-03-27 Giesecke & Devrient Gmbh Side channel protected masking
US9009495B2 (en) 2013-06-28 2015-04-14 Envieta, LLC High speed cryptographic combining system, and method for programmable logic devices
JP6264935B2 (en) * 2014-02-24 2018-01-24 大日本印刷株式会社 Authentication method for information processing apparatus
CN104104587B (en) * 2014-04-18 2017-12-26 天津大学 A kind of rear uniformity analysis method of certified mail protocols
CN105757878B (en) * 2016-02-19 2018-07-27 广东美的暖通设备有限公司 The encoding and decoding method, apparatus and air conditioner of communication data

Non-Patent Citations (3)

Title
Chari S et al: "Towards Sound Approaches to Counteract Power-Analysis Attacks", 19th Annual International Cryptology Conference, Santa Barbara, CA, Aug. 15-19, 1999, Proceedings, Berlin: Springer, 1999, pages 398-412, XP000911819, ISBN: 3-540-66347-9 *
Coron J-S et al: "On Boolean and Arithmetic Masking Against Differential Power Analysis", Power Conversion Proceedings, 2000, XP000989986 *
Goubin L et al: "DES and Differential Power Analysis: The Duplication Method", Cryptographic Hardware and Embedded Systems, International Workshop, August 1999 (1999-08-01), pages 158-172, XP000952192 *

Also Published As

Publication number Publication date
WO2001031422A2 (en) 2001-05-03
CN1413398A (en) 2003-04-23
AU2301401A (en) 2001-05-08
EA200200468A1 (en) 2002-10-31
JP2003513490A (en) 2003-04-08
CA2388971A1 (en) 2001-05-03
AU773982B2 (en) 2004-06-10
WO2001031422B1 (en) 2002-01-10
EP1226681A2 (en) 2002-07-31
EA003874B1 (en) 2003-10-30
ZA200202798B (en) 2003-09-23

Similar Documents

Publication Publication Date Title
WO2001031422A3 (en) Method for protection against analysis of unintended side-channel signals
Hellman An overview of public key cryptography
Yi et al. A method for obtaining cryptographically strong 8×8 S-boxes
FR2728981B1 (en)
AU3296500A (en) Countermeasure procedures in an electronic component implementing an elliptical curve type public key encryption algorithm
US20090112896A1 (en) Method And Related Device For Hardware-Oriented Conversion Between Arithmetic And Boolean Random Masking
JP2015513699A (en) Countermeasures for side-channel analysis of cryptographic algorithms using Boolean and arithmetic operations
CN106685662B (en) A kind of whitepack software implementation method of the close SM2 Encryption Algorithm of quotient based on residue number system
Grabbe The DES algorithm illustrated
CA2179691A1 (en) Cryptographic Apparatus with Double Feedforward Hash Function
AU2003202545A1 (en) Protecting a device against unintended use in a secure environment
Sangwan Text encryption with huffman compression
Lee et al. On an improved summation generator with 2-bit memory
CA2136287A1 (en) Apparatus for avoiding complementarity in an encryption algorithm
Shende et al. FPGA based hardware implementation of hybrid cryptographic algorithm for encryption and decryption
CN109981247B (en) Dynamic S box generation method based on integer chaotic mapping
WO2016124469A1 (en) System and method for performing block cipher cryptography by implementing a mixer function that includes a substitution-box and a linear transformation using a lookup-table
US7505586B2 (en) Method for computer-based encryption and decryption of data
Davida et al. Security and privacy
US20230134216A1 (en) White-box processing for encoding with large integer values
Cade A modification of a broken public-key cipher
WO2004034174A3 (en) Encryption circuit arrangement and method therefor
KR101213209B1 (en) Aria encryption apparatus and method
Delaunay The resistance of an FPGA implementation of Grasshopper block cipher to CPA attacks
JP2005348453A (en) Method for protecting portable card

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ CZ DE DE DK DK DM DZ EE EE ES FI FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 EP: the EPO has been informed by WIPO that EP was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
AK Designated states

Kind code of ref document: A3

Designated state(s): AE AG AL AM AT AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ CZ DE DE DK DK DM DZ EE EE ES FI FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

AK Designated states

Kind code of ref document: B1

Designated state(s): AE AG AL AM AT AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ CZ DE DE DK DK DM DZ EE EE ES FI FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: B1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

B Later publication of amended claims
WWE Wipo information: entry into national phase

Ref document number: 23014/01

Country of ref document: AU

WWE Wipo information: entry into national phase

Ref document number: 10111222

Country of ref document: US

WWE Wipo information: entry into national phase

Ref document number: IN/PCT/2002/508/KOL

Country of ref document: IN

WWE Wipo information: entry into national phase

Ref document number: 2388971

Country of ref document: CA

ENP Entry into the national phase

Ref document number: 2001 533494

Country of ref document: JP

Kind code of ref document: A

WWE Wipo information: entry into national phase

Ref document number: 200200468

Country of ref document: EA

WWE Wipo information: entry into national phase

Ref document number: 2000986837

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 008175039

Country of ref document: CN

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

WWG Wipo information: grant in national office

Ref document number: 23014/01

Country of ref document: AU

DPE2 Request for preliminary examination filed before expiration of 19th month from priority date (pct application filed from 20040101)