
Hardware-Oriented SPN Block Ciphers: Fault Injection Countermeasures and Low-Latency Designs

Shahram Rasoolzadeh

Dissertation Thesis, November 2, 2020

Submitted as the requirement for the degree of Doctor-Engineer to the Faculty of Electrical Engineering and Information Technology at Ruhr-University Bochum.

Supervisors: Prof. Dr. Gregor Leander, Priv.-Doz. Dr. Amir Moradi
Disputation Date: December 3, 2020

IMPRINT

Hardware-Oriented SPN Block Ciphers: Fault Injection Countermeasures and Low-Latency Designs. Copyright © 2020 by Shahram Rasoolzadeh. All rights reserved. Printed in Germany. Published by the Ruhr-Universität Bochum, Bochum, Germany.

COLOPHON

This thesis was typeset using LaTeX and the memoir document class. It is based on Aaron Turon's thesis Understanding and expressing scalable concurrency (https://people.mpi-sws.org/~turon/turon-thesis.pdf), itself a mixture of classicthesis (https://bitbucket.org/amiede/classicthesis/) by André Miede and tufte-latex (https://github.com/Tufte-LaTeX/tufte-latex), based on Edward Tufte's Beautiful Evidence. The bibliography was processed by Biblatex. All graphics and plots are made with PGF/TikZ. The body text is set 10/14pt (long primer) on a 26pc measure. The margin text is set 8/9pt (brevier) on a 12pc measure. Matthew Carter's Charter acts as both the text and display typeface. Monospaced text uses Jim Lyles's Bitstream Vera Mono ("Bera Mono").

"Doing research is challenging as well as attractive. It is like being lost in a jungle and trying to use all the knowledge that you can gather to come up with some new tricks, and with some luck you might find a way out."
Maryam Mirzakhani, Fields Medal winner, August 2014

Abstract

Block ciphers are fundamental building blocks of modern cryptography. They are not only used for encryption but are also the basic components in the construction of other cryptographic mechanisms. Even though the cryptographic security of block ciphers is still the main parameter in their design and application, the efficiency of their implementations has attracted increasing interest with the rise of lightweight cryptography. Equally important, with the widespread growth in the number of IoT devices over the last decade, equipping cryptographic devices with countermeasures against physical attacks has become a necessity to ensure the physical security of these devices.

The research in this thesis is related to two main topics in the design and security of hardware-oriented SPN block ciphers: low-latency designs and countermeasures against fault analysis attacks.

Chapter 3 deals with countermeasures against fault analysis attacks. It presents a comprehensive methodology for implementing code-based concurrent error-detection and error-correction schemes. In addition, the tweakable block cipher CRAFT is presented; efficient protection of its implementation against fault analysis was the main criterion during its design.

Chapter 4 is focused on low-latency designs. The low-latency block cipher PRINCEv2 is presented. By changing the key schedule of its predecessor PRINCE, the new design provides more security with (almost) no overhead on its implementation. Moreover, a new approach is presented for building low-latency Boolean functions and S-boxes.

Chapter 5 studies the Expected Differential Probability (EDP) of (truncated) differentials and the Expected Linear Potential (ELP) of (multidimensional) linear hulls in SPN block ciphers. It is shown that the previous main method for approximating the EDP of a truncated differential may produce estimates very different from the correct value. New methods are introduced that rely only on the independent round-keys assumption and allow the EDP of (truncated) differentials and the ELP of (multidimensional) linear hulls to be computed in practice.

Finally, in Chapter 6 we provide the security analysis of the block ciphers CRAFT and PRINCEv2 against several attacks, including differential, linear, impossible differential, zero-correlation, meet-in-the-middle, time-data-memory trade-off, integral, division property, and invariant attacks.

Summary (Zusammenfassung)

Block ciphers are fundamental building blocks of modern cryptography. They are used not only for encryption but also as basic components of various cryptographic mechanisms. Although the cryptographic security of block ciphers remains the most important parameter for their design and application, the efficiency of their implementations has gained increasing importance with the rise of lightweight cryptography. It is also of great importance to secure the cryptographic implementations in the widespread small devices of the Internet of Things (IoT) against physical attacks.

This doctoral thesis deals with two main aspects of the design and security of hardware-based SPN block ciphers: low-latency designs and countermeasures against fault injection attacks.

Chapter 3 treats countermeasures against fault injection attacks. A comprehensive methodology is presented for implementing code-based concurrent error-detection and error-correction schemes. Furthermore, the block cipher CRAFT is presented, which has the property of being "tweakable". A main criterion of its design was the efficient protection of its implementation against fault injection attacks.

Chapter 4 focuses on low-latency designs. First, the block cipher PRINCEv2 is presented, which offers very low latency. By changing the key schedule of its predecessor PRINCE, the new design offers higher security (almost) without increasing the implementation cost. Furthermore, a new approach is presented for constructing Boolean functions and S-boxes with low latency.

Chapter 5 studies the Expected Differential Probability (EDP) of (truncated) differentials and the Expected Linear Potential (ELP) of (multidimensional) linear hulls in SPN block ciphers. It is shown that the previous main method for approximating the EDP of a truncated differential can lead to results that differ strongly from the correct value. Furthermore, new methods are presented that rely only on the assumption of independent round keys and allow the EDP of (truncated) differentials and the ELP of (multidimensional) linear hulls to be computed in practice.

Finally, in Chapter 6 we present the security analysis of the block ciphers CRAFT and PRINCEv2 against various attacks, including differential, linear, impossible-differential, zero-correlation, meet-in-the-middle, time-data-memory trade-off, integral, division-property and invariant attacks.

Acknowledgments

I believe that no one achieves success alone, and this success is not complete without acknowledging the help of others.

First of all, I want to thank Gregor and Amir for giving me the opportunity to be their student and to work in their group. Their great supervision, support, and advice helped me a lot in my research during the last four years. I thank them for their patience with my (dummy) questions and mistakes, for giving me plenty of time to hear my (trivial) ideas and for discussions, and for leading me in the correct direction. If I am ever going to be a supervisor in the future, they taught me how to be a good one.

I would also like to express my gratitude to Irmgard and Marion for helping out in every possible situation and for lots of administrative tasks.

I also want to thank Christof, Friedrich, Steffen and Thorben. I believe that I could not have succeeded in my Ph.D. studies without your help. Thank you for all the time you gave me for research and non-research discussions, for helping me to find solutions to my academic and non-academic problems, and especially for proof-reading and your comments on parts of this thesis. I will always be in your debt.

Further, I am very thankful to all of my co-authors with whom I collaborated during my Ph.D. studies. I would especially like to thank Anita Aghaei, Maria Eichlseder, Virginie Lallemand, Baptiste Lambin, Aein Rezaei Shahmirzadi, Falk Schellenberg, Tobias Schneider, and Yosuke Todo for all the work and research we have done together.

I had the opportunity to be a member of two great groups of the Horst Görtz Institute: EmSec and SymCrypt. I would like to thank all HGI members, especially my colleagues from these groups and the colleagues from the Wasserstraße 221 building, for all the great moments that we had together.

Last but not least, I would like to thank Ayda for her understanding, support and endless love, and my whole family, especially my parents and beloved sister, Aziz, Farideh and Habibeh, for supporting me at every moment of my life and in everything I decided to do. I am sure my words cannot express all my gratitude to you.

Shahram Rasoolzadeh
Bochum, December 2020

Contents

ABSTRACT vii
ZUSAMMENFASSUNG ix
ACKNOWLEDGMENTS xi
CONTENTS xiv
LIST OF FIGURES xvi
LIST OF TABLES xviii
LIST OF ALGORITHMS xix
I PROLOGUE 1
1 INTRODUCTION 3
1.1 Motivation 4
1.2 Outline and Contributions 5
1.3 Publications 6
2 PRELIMINARIES
Details: file type PDF, 218 pages, content language English.