Anderson, Jonathan (2008) Side channel analysis of stream cipher hardware. Masters thesis, Memorial University of Newfoundland.
- Accepted Version
Available under License - The author retains copyright ownership and moral rights in this thesis. Neither the thesis nor substantial extracts from it may be printed or otherwise reproduced without the author's permission.
In today's world of ubiquitous connectivity, communications security is an ever-present concern. In order to protect sensitive information from eavesdropping by foreign governments, identity thieves and other curious individuals and organizations, cryptography is today deployed on a wide scale. No longer strictly the domain of large banks and governments, cryptographic systems are found in such everyday places as building passes and vehicle ignition keys. Cryptanalysis is the study of methods - called attacks - that can be used to extract secret information from these cryptographic systems. It is largely a statistical discipline, but out of it has grown a more hands-on approach: side channel analysis.

Side channel analysis is an exciting field of study which attempts to extract secret information from cryptographic systems through the careful measurement of physical characteristics such as power usage and execution time. These characteristics provide "side channels" of information flow that algorithm designers may not anticipate. This research focuses on the power side channel, which extracts information from the instantaneous power either used or radiated by a cryptographic system. Traditional forms of power analysis are ineffective against a large class of ciphers called stream ciphers, but a recently-introduced group of techniques - template attacks - have been shown to be effective against microcontroller-based implementations of stream ciphers.

This thesis describes the theory behind template attacks, and describes how we have applied them to perform power analysis of hardware implementations of stream ciphers. We have built hardware for this purpose, called the Side Channel Analysis Board (SCAB), as well as designed software to perform the necessary analysis. We used our experimental setup to measure the power usage of FPGA-based hardware - specifically the Actel ProASIC3 - running a stream cipher building block called LFSR-16. We have also simulated and analysed the power usage of LFSR-16 and a functional stream cipher, Trivium. Trivium is a hardware-focused stream cipher that was vetted by the recent eSTREAM initiative, and is thus of great importance. In both simulation and hardware, we were able to extract secret key information with a probability greater than we would expect to achieve through random guessing. In the case of the cipher building block LFSR-16, we were able to correctly classify four key bits with accuracy greater than 90%. In the case of the stream cipher Trivium, average classification success exceeded 20% where random guessing would have achieved a success rate of just 6.25%.

Thus, we may state that the template attack technique is applicable to hardware-based stream ciphers, and that implementers of such ciphers must be aware of such techniques and attempt to apply appropriate countermeasures where possible.

| Field | Value |
|---|---|
| Item Type | Thesis (Masters) |
| Additional Information | Includes bibliographical references (leaves 92-96) |
| Department(s) | Engineering and Applied Science, Faculty of |
| Library of Congress Subject Heading | Cryptography; Data encryption (Computer science); Stream ciphers |