Cache vs. Key-Dependency: Side Channeling an Implementation of Pilsung

Autor: Daniel Genkin, Romain Poussier, Rui Qi Sim, Yuval Yarom, Yuanjing Zhao
Jazyk: angličtina
Rok vydání: 2019
Předmět:
Zdroj: Transactions on Cryptographic Hardware and Embedded Systems, Vol 2020, Iss 1 (2019)
Druh dokumentu: article
ISSN: 2569-2925
DOI: 10.13154/tches.v2020.i1.231-255
Popis: Over the past two decades, cache attacks have been identified as a threat to the security of cipher implementations. These attacks recover secret information by combining observations of the victim cache accesses with the knowledge of the internal structure of the cipher. So far, cache attacks have been applied to ciphers that have fixed state transformations, leaving open the question of whether using secret, key-dependent transformations enhances the security against such attacks. In this paper we investigate this question. We look at an implementation of the North Korean cipher Pilsung, as reverse-engineered by Kryptos Logic. Like AES, Pilsung is a permutation-substitution cipher, but unlike AES, both the substitution and the permutation steps in Pilsung depend on the key, and are not known to the attacker. We analyze Pilsung and design a cache-based attack. We improve the state of the art by developing techniques for reversing secret-dependent transformations. Our attack, which requires an average of eight minutes on a typical laptop computer, demonstrates that secret transformations do not necessarily protect ciphers against side channel attacks.
Databáze: Directory of Open Access Journals