
SCIENCE CHINA Information Sciences, Volume 64, Issue 5: 159101 (2021) https://doi.org/10.1007/s11432-018-9797-9

Do multiple infections lead to better security? A new study on CHES 2014 infective countermeasure

  • Received: Nov 21, 2018
  • Accepted: Feb 20, 2019
  • Published: Mar 16, 2021

Abstract

There is no abstract available for this article.


Acknowledgment

This work was supported by National Key R&D Program of China (Grant Nos. 2018YFB0904900, 2018YFB0904901), National Cryptography Development Fund (Grant No. MMJJ20170214), and National Cryptography Development Fund (Grant No. MMJJ20170211).


Supplement

Appendixes A–C.


References

[1] Boneh D, DeMillo R, Lipton R. On the importance of checking cryptographic protocols for faults. In: Proceedings of International Conference on the Theory and Application of Cryptographic Techniques, Konstanz, 1997. 37--51.

[2] Kocher P, Jaffe J, Jun B. Differential power analysis. In: Proceedings of the 19th Annual International Cryptology Conference, Santa Barbara, 1999. 388--397.

[3] Tupsamudre H, Bisht S, Mukhopadhyay D. Destroying fault invariant with randomization. In: Proceedings of the 16th International Workshop on Cryptographic Hardware and Embedded Systems, Busan, 2014. 93--111.

[4] Battistello A, Giraud C. A note on the security of CHES 2014 symmetric infective countermeasure. In: Proceedings of the 7th International Workshop on Constructive Side Channel Analysis and Secure Design, Graz, 2016. 144--159.

[5] Cojocar L, Papagiannopoulos K, Timmers N. Instruction duplication: leaky and not too fault-tolerant. In: Proceedings of International Conference on Smart Card Research and Advanced Applications, Lugano, 2017. 160--179.

[6] Brier E, Clavier C, Olivier F. Correlation power analysis with a leakage model. In: Proceedings of the 6th International Workshop on Cryptographic Hardware and Embedded Systems, Cambridge, 2004. 16--29.

Algorithm 1 Infective countermeasure for AES [3]

Require: Plaintext $P$, round key $k^j$ for $j\in\{1,\ldots,10(11)\}$, dummy round parameters ($\beta$, $k^0$).

Output: Ciphertext $C=\text{AES-128}(P,K)$.

Cipher state $R_0\leftarrow P$, redundant state $R_1\leftarrow P$, dummy state $R_2\leftarrow\beta$;

$i\leftarrow 1$, $q\leftarrow 1$;

$\mathrm{rstr}\leftarrow\{0,1\}^t$; {$\#1(\mathrm{rstr})=20$}

while $q\leq t$ do

$\lambda\leftarrow\mathrm{rstr}[q]$; {$0$ implies a dummy round}

$\kappa\leftarrow(i\wedge\lambda)\oplus 2(\neg\lambda)$;

$\zeta\leftarrow\lambda\cdot\lceil i/2\rceil$; {$\zeta$ is actual round counter}

$R_\kappa\leftarrow\text{RoundFunction}(R_\kappa, k^\zeta)$;

$\gamma\leftarrow\lambda(\neg(i\wedge 1))\cdot\text{BLFN}(R_0\oplus R_1)$;

$\delta\leftarrow(\neg\lambda)\cdot\text{BLFN}(R_2\oplus\beta)$;

$R_0\leftarrow(\neg(\gamma\vee\delta)\cdot R_0)\oplus((\gamma\vee\delta)\cdot R_2)$;

$i\leftarrow i+\lambda$;

$q\leftarrow q+1$;

end while

return $R_0$.
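A simulation of Algorithm 1's control flow, added here as an example and not code from the paper. Assumptions: the AES round is replaced by a toy rotate-and-XOR round, $k^0$ is derived so that RoundFunction($\beta$, $k^0$) = $\beta$, BLFN returns 0 only for an all-zero input, and the `fault` parameter, `demo`, and all values are constructed.

```python
import secrets

MASK = (1 << 128) - 1

def round_function(state, key):
    # Toy stand-in for the AES round (assumption): rotate left 7 bits, XOR the key.
    return (((state << 7) | (state >> 121)) & MASK) ^ key

def blfn(x):
    # BLFN maps an all-zero state to 0 and anything else to 1.
    return int(x != 0)

def infective_encrypt(p, k, beta, rstr, fault=None):
    # k[z] is round key k^z, with k[0] the dummy key; fault=(q, mask) is a
    # constructed fault model: XOR mask into the state written at loop step q.
    r = [p, p, beta]                          # R_0 cipher, R_1 redundant, R_2 dummy
    i = 1
    for q, lam in enumerate(rstr, start=1):
        kappa = (i & lam) ^ (2 * (1 - lam))   # 1 redundant, 0 cipher, 2 dummy
        zeta = lam * ((i + 1) // 2)           # ceil(i/2), or 0 for a dummy round
        r[kappa] = round_function(r[kappa], k[zeta])
        if fault and fault[0] == q:
            r[kappa] ^= fault[1]
        gamma = lam * (1 - (i & 1)) * blfn(r[0] ^ r[1])
        delta = (1 - lam) * blfn(r[2] ^ beta)
        infect = gamma | delta
        r[0] = ((1 - infect) * r[0]) ^ (infect * r[2])
        i += lam
    return r[0]

def demo(t=30):
    rng = secrets.SystemRandom()
    p, beta = secrets.randbits(128), secrets.randbits(128)
    k = [beta ^ round_function(beta, 0)]      # k^0: RoundFunction(beta, k^0) = beta
    k += [secrets.randbits(128) for _ in range(10)]
    rstr = [1] * 20 + [0] * (t - 20)          # #1(rstr) = 20, as in Algorithm 1
    rng.shuffle(rstr)
    expected = p
    for z in range(1, 11):                    # unprotected reference computation
        expected = round_function(expected, k[z])
    ones = [q for q, b in enumerate(rstr, start=1) if b]
    clean = infective_encrypt(p, k, beta, rstr)
    in_redundant = infective_encrypt(p, k, beta, rstr, fault=(ones[0], 1 << 5))
    in_cipher = infective_encrypt(p, k, beta, rstr, fault=(ones[1], 1 << 5))
    return clean == expected, in_redundant == beta, in_cipher == beta

if __name__ == "__main__":
    print(demo())
```

Without a fault the routine returns the same value as the unprotected computation; a single fault in either a redundant or a cipher round makes $\gamma$ fire at the next comparison, so the returned value is $R_2=\beta$ instead of a faulty ciphertext.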
