Secure GCM implementation on AVR

Zhe Liu; Hwajeong Seo; Chien Ning Chen; Yasuyuki Nogami; Taehwan Park; Jongseok Choi; Howon Kim

doi:10.1016/j.dam.2016.10.015

Secure GCM implementation on AVR

Zhe Liu, Hwajeong Seo, Chien Ning Chen, Yasuyuki Nogami, Taehwan Park, Jongseok Choi, Howon Kim

Research output: Contribution to journal › Article › peer-review

5 Citations (Scopus)

Abstract

In Internet of Things (IoT), sensor devices should deliver the collected sensor data to the server after the data is encrypted. The encrypted data cannot be eavesdropped by adversaries but the side channel information including clock cycles and power consumption patterns during encryption operations can leak the secret information. For this reason, cryptography engineering should prevent potential threats by designing the cryptography functions in secure manner. In this paper, we explore the feasible side channel attacks on cryptography operations, particularly polynomial multiplication for Galois/Counter Mode of operation (GCM). We perform the horizontal Correlation Power Analysis (CPA) on the most well-known Lopez et al.’s polynomial multiplication and successfully extract the secret values from power consumption patterns. In order to prevent proposed attack model, we suggest a masked polynomial multiplication, ensuring a regular and constant-time solution without potential vulnerabilities including Look-up Table (LUT) access and branch statements. With proposed polynomial multiplication, we suggest the secure and efficient implementation of GCM on the low-end embedded processor. Finally, we further explore the long polynomial multiplication for Elliptic Curve Cryptography (ECC) operations. We exploit the combination of Karatsuba algorithm and proposed masked polynomial multiplication, which achieved the practically fast polynomial multiplication on embedded processors.

Original language	English
Pages (from-to)	58-66
Number of pages	9
Journal	Discrete Applied Mathematics
Volume	241
DOIs	https://doi.org/10.1016/j.dam.2016.10.015
Publication status	Published - May 31 2018

Keywords

AES
Authenticated encryption
Embedded processors
Galois/Counter Mode of operation
Horizontal correlation power analysis
Karatsuba algorithm
Polynomial multiplication
Side channel attack
XMEGA

ASJC Scopus subject areas

Discrete Mathematics and Combinatorics
Applied Mathematics

Access to Document

10.1016/j.dam.2016.10.015

Fingerprint Dive into the research topics of 'Secure GCM implementation on AVR'. Together they form a unique fingerprint.

Cite this

@article{0cf6d524742049faa1a1b9a136e4caa0,

title = "Secure GCM implementation on AVR",

abstract = "In Internet of Things (IoT), sensor devices should deliver the collected sensor data to the server after the data is encrypted. The encrypted data cannot be eavesdropped by adversaries but the side channel information including clock cycles and power consumption patterns during encryption operations can leak the secret information. For this reason, cryptography engineering should prevent potential threats by designing the cryptography functions in secure manner. In this paper, we explore the feasible side channel attacks on cryptography operations, particularly polynomial multiplication for Galois/Counter Mode of operation (GCM). We perform the horizontal Correlation Power Analysis (CPA) on the most well-known Lopez et al.{\textquoteright}s polynomial multiplication and successfully extract the secret values from power consumption patterns. In order to prevent proposed attack model, we suggest a masked polynomial multiplication, ensuring a regular and constant-time solution without potential vulnerabilities including Look-up Table (LUT) access and branch statements. With proposed polynomial multiplication, we suggest the secure and efficient implementation of GCM on the low-end embedded processor. Finally, we further explore the long polynomial multiplication for Elliptic Curve Cryptography (ECC) operations. We exploit the combination of Karatsuba algorithm and proposed masked polynomial multiplication, which achieved the practically fast polynomial multiplication on embedded processors.",

keywords = "AES, Authenticated encryption, Embedded processors, Galois/Counter Mode of operation, Horizontal correlation power analysis, Karatsuba algorithm, Polynomial multiplication, Side channel attack, XMEGA",

author = "Zhe Liu and Hwajeong Seo and Chen, {Chien Ning} and Yasuyuki Nogami and Taehwan Park and Jongseok Choi and Howon Kim",

note = "Funding Information: This work was partly supported by Institute for Information & communications Technology Promotion (IITP) grant funded by the Korea government (MSIP) (No. 10043907 , Development of high performance IoT device and Open Platform with Intelligent Software) and the MSIP (Ministry of Science, ICT and Future Planning), Korea , under the ITRC (Information Technology Research Center) support program ( IITP-2016-H8501-16-1017 ) supervised by the IITP (Institute for Information & communications Technology Promotion). Publisher Copyright: {\textcopyright} 2016 Elsevier B.V. Copyright: Copyright 2020 Elsevier B.V., All rights reserved.",

year = "2018",

month = may,

day = "31",

doi = "10.1016/j.dam.2016.10.015",

language = "English",

volume = "241",

pages = "58--66",

journal = "Discrete Applied Mathematics",

issn = "0166-218X",

publisher = "Elsevier",

}

TY - JOUR

T1 - Secure GCM implementation on AVR

AU - Liu, Zhe

AU - Seo, Hwajeong

AU - Chen, Chien Ning

AU - Nogami, Yasuyuki

AU - Park, Taehwan

AU - Choi, Jongseok

AU - Kim, Howon

N1 - Funding Information: This work was partly supported by Institute for Information & communications Technology Promotion (IITP) grant funded by the Korea government (MSIP) (No. 10043907 , Development of high performance IoT device and Open Platform with Intelligent Software) and the MSIP (Ministry of Science, ICT and Future Planning), Korea , under the ITRC (Information Technology Research Center) support program ( IITP-2016-H8501-16-1017 ) supervised by the IITP (Institute for Information & communications Technology Promotion). Publisher Copyright: © 2016 Elsevier B.V. Copyright: Copyright 2020 Elsevier B.V., All rights reserved.

PY - 2018/5/31

Y1 - 2018/5/31

N2 - In Internet of Things (IoT), sensor devices should deliver the collected sensor data to the server after the data is encrypted. The encrypted data cannot be eavesdropped by adversaries but the side channel information including clock cycles and power consumption patterns during encryption operations can leak the secret information. For this reason, cryptography engineering should prevent potential threats by designing the cryptography functions in secure manner. In this paper, we explore the feasible side channel attacks on cryptography operations, particularly polynomial multiplication for Galois/Counter Mode of operation (GCM). We perform the horizontal Correlation Power Analysis (CPA) on the most well-known Lopez et al.’s polynomial multiplication and successfully extract the secret values from power consumption patterns. In order to prevent proposed attack model, we suggest a masked polynomial multiplication, ensuring a regular and constant-time solution without potential vulnerabilities including Look-up Table (LUT) access and branch statements. With proposed polynomial multiplication, we suggest the secure and efficient implementation of GCM on the low-end embedded processor. Finally, we further explore the long polynomial multiplication for Elliptic Curve Cryptography (ECC) operations. We exploit the combination of Karatsuba algorithm and proposed masked polynomial multiplication, which achieved the practically fast polynomial multiplication on embedded processors.

AB - In Internet of Things (IoT), sensor devices should deliver the collected sensor data to the server after the data is encrypted. The encrypted data cannot be eavesdropped by adversaries but the side channel information including clock cycles and power consumption patterns during encryption operations can leak the secret information. For this reason, cryptography engineering should prevent potential threats by designing the cryptography functions in secure manner. In this paper, we explore the feasible side channel attacks on cryptography operations, particularly polynomial multiplication for Galois/Counter Mode of operation (GCM). We perform the horizontal Correlation Power Analysis (CPA) on the most well-known Lopez et al.’s polynomial multiplication and successfully extract the secret values from power consumption patterns. In order to prevent proposed attack model, we suggest a masked polynomial multiplication, ensuring a regular and constant-time solution without potential vulnerabilities including Look-up Table (LUT) access and branch statements. With proposed polynomial multiplication, we suggest the secure and efficient implementation of GCM on the low-end embedded processor. Finally, we further explore the long polynomial multiplication for Elliptic Curve Cryptography (ECC) operations. We exploit the combination of Karatsuba algorithm and proposed masked polynomial multiplication, which achieved the practically fast polynomial multiplication on embedded processors.

KW - AES

KW - Authenticated encryption

KW - Embedded processors

KW - Galois/Counter Mode of operation

KW - Horizontal correlation power analysis

KW - Karatsuba algorithm

KW - Polynomial multiplication

KW - Side channel attack

KW - XMEGA

UR - http://www.scopus.com/inward/record.url?scp=85006325262&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85006325262&partnerID=8YFLogxK

U2 - 10.1016/j.dam.2016.10.015

DO - 10.1016/j.dam.2016.10.015

M3 - Article

AN - SCOPUS:85006325262

VL - 241

SP - 58

EP - 66

JO - Discrete Applied Mathematics

JF - Discrete Applied Mathematics

SN - 0166-218X

ER -

Secure GCM implementation on AVR

Abstract

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Cite this