Side-Channel Countermeasure for SHA-3 At Almost-Zero Area Overhead Mostafa Taha and Patrick Schaumont Virginia Tech This research was supported in part by the VT-MENA program of Egypt, and by NSF grant no. 1115839. Outline • Side-Channel Analysis • SHA-3, the story and its applications • SHA-3 Countermeasure • New Design Concept 2 Outline • Side-Channel Analysis • SHA-3, the story and its applications • SHA-3 Countermeasure • New Design Concept 3 Side-Channel Analysis • Information Leakage Key Register Observable Quantity 4 Side-Channel Analysis • Example – Password Checker (8 bytes) for (i = 0 ; i < 8 ; i++){ is False one loop (I[0]=K[0]) if(I[i] = K[i]){ Time Password = true; (I[0]=K[0]) is True } (I[1]=K[1]) is False two loops else{ Password = false; 255 values of I[0] need one loop, break; while one correct value needs two loops } } Brute Force security reduced from 2568 to 256*8 If 1 try = 1 휇sec from 585K years to 2 msec! 5 Side-Channel Analysis • Information Leakage Key - Computation Time - Power Consumption Register - Electromagnetic - Acoustic Waves - Photonic Emission - Faulty Ciphertext 6 Side-Channel Analysis • One Trace Simple .......... Analysis • Many Traces Differential .......... Analysis Hypothesis Table K0 K1 K2 Actual Eq. Eq. Eq. Variable Variable Variable Leakage Leakage Leakage Leakage 2 0x0F 4 0x82 2 0xF1 5 3 0xAA 4 0x51 3 0x4E 4 5 0xD3 5 0xA3 4 0x0B 3 4 0x31 3 0xC7 5 0x92 3 : : : : : : : Correlation 7 Side - Channel Analysis Channel I – Var. Affect Traces Hiding Differential Analysis Differential II - Predict Variables Masking III - Combine Traces Resiliency Resiliency Leakage 8 Outline • Side-Channel Analysis • SHA-3, the story and its applications • SHA-3 Countermeasure • Why the countermeasure works! 9 SHA-3 (The Story) • SHA-3 is a hashing standard 1011000101101010 • SHA-0, SHA-1, SHA-2 SHA-3 • Competition started in Nov. 2007 and ended in Oct. 2012 with Keccak as the winner. • Chosen for – Superior performance in hardware – The Sponge construction 10 SHA-3 (The Sponge construction) Ordinary New M0 M1 M2 M3 MAC0 MAC1 Rate Capacity r 0 푓 푓 푓 푓 푓 c 0 Permutation Function Input 푓 Output 11 SHA-3 (Applications) • Regular Hashing M0 M1 M2 M3 MAC0 MAC1 r 0 푓 푓 푓 푓 푓 c 0 12 SHA-3 (Applications) • Salted Hashing SALT M0 M1 M2 MAC0 MAC1 r 0 푓 푓 푓 푓 푓 c 0 13 SHA-3 (Applications) • Message Authentication Codes Optional KEY [IV] M0 M1 MAC0 MAC1 r 0 푓 푓 푓 푓 푓 c 0 - Hashing, salted hashing and MACs are ordinary applications. But! 14 SHA-3 (Applications) • Random Number Generation New! SEED0 SEED1 r 0 푓 푓 푓 푓 푓 c 0 R0 R1 Rn-2 Rn-1 15 SHA-3 (Applications) • Stream Encryption New! Mandatory KEY IV r 0 푓 푓 푓 푓 푓 c 0 C0 C1 Cn-2 Cn-1 16 SHA-3 (Applications) • Authenticated Encryption New! Mandatory KEY IV M0 M1 MAC0 MAC1 r 0 푓 푓 푓 푓 푓 c 0 C0 C1 And many more. 17 SHA-3 • Keccak permutation function 24 Rounds of 4 4 3 3 2 2 1 1 0 0 0 1 2 3 4 0 1 2 3 4 State State 1600 bits 1600 bits Also, PHOTON, QUARK, SPONGENT,… 18 SHA-3 (Single Core) Regular Hashing Salted Hashing RNG MAC-generation Stream Encryption Authenticated Encryption One HW Core 19 SHA-3 (Single Core) Regular Hashing MAC-generation Salted Hashing Stream Encryption RNG Authenticated Encryption Side-Channel Protection 3x implementation cost 20 SHA-3 (Single Core) • Permutation Functions Key Key Key Key Message MAC AES AES AES 0 푓 푓 푓 푓 x1 y1 x2 y2 x3 y3 AES Block-cipher MAC-Keccak 21 SHA-3 (Single Core) Regular Hashing Salted Hashing RNG MAC-generation (m-1) + 1 Stream Encryption (m-1) + 1 Authenticated Encryption (m-1) + 1 Design a new countermeasure – Minimal changes to the implementation – Can be turned ON / OFF New! 22 Outline • Side-Channel Analysis • SHA-3, the story and its applications • SHA-3 Countermeasure • Why the countermeasure works! 23 SHA-3 Countermeasure 1. The Key goes to a separate input. 2. Mandate the use of IV in all keyed applications. 3. Squeeze the rate to “one bit” during IV. 4. Use Round-Reduced version of Keccak during IV, except the last bit. 5. Then, proceed normally. Key IV0 IV1 IV|IV|-2 IV|IV|-1 M0 M1 r 0 푓 푓푟 푓푟 푓푟 푓 푓 c 0 Rate = 푟 Rate = 1 Rate = 푟 24 SHA-3 Countermeasure, WHY? IV Tree Structure 2 IV 1. The Key goes to a separate input. Increase1 size of the secret K 2. Mandate the use of IV in all keyed applications.00 Nonce IV0 K0 3. Squeeze the rate to “one bit” during IV. K01 4. Use Round-ReducedKey State version of Keccak during IV, except the last K bit. 10 K 5. Then, proceed normally. 1 K11 Key IV0 IV1 IV|IV|-2 IV|IV|-1 M0 M1 r 0 푓 푓푟 푓푟 푓푟 푓 푓 c 0 Rate = 푟 Rate = 1 Rate = 푟 25 SHA-3 Countermeasure, WHY? 1. The Key goes to a separate input. Increase size of the secret 2. Mandate the use of IV in all keyed applications. Nonce 3. Squeeze the rate to “one bit” during IV. 4. Use Round-Reduced version of Keccak during IV, except the last bit. 5. Then, proceed normally. Key IV0 IV1 IV|IV|-2 IV|IV|-1 M0 M1 r 0 푓 푓푟 푓푟 푓푟 푓 푓 c 0 3 Rounds 24 Rounds Rate = 푟 Rate = 1 Rate = 푟 26 SHA-3 Countermeasure • Implementation – Rate Reduction – Round-Reduced Keccak Using 2 Gates at 3.7 GE (Synopsys Design Compiler at 130nm technology) 27 SHA-3 Countermeasure • Implementation: – Performance 퐼푉 − 1 ∗ 3 extra rounds 퐼푉 − 1 /8 extra Keccak runs – Trading SCA-protection for performance New! Use s bits of IV per step s is an SCA-security parameter in [1: |퐼푉|] New performance: 퐼푉 − 1 /8푠 extra Keccak runs 28 SHA-3 Countermeasure • Comparison : against masked implementations of Keccak designers – Area 29 SHA-3 Countermeasure • Comparison: – Performance 30 SHA-3 Countermeasure • Comparison: – Flexibility SCA-protection can be tuned by software. – Compatibility Can be applied to already built modules – Portability Protect the Sponge with any permutation function 31 Outline • Side-Channel Analysis • SHA-3, the story and its applications • SHA-3 Countermeasure • New Design Concept 32 New Design Concept Practical Methods Theoretical Methods Masking & Hiding Leakage Resilient Cryptography - Fix current implementations - Design new primitives - Efficient solutions - Provable prevention against - Practically verifiable all differential attacks Our Solution But But - Limited scope of protection - No solution to current primitives - Turns SCA harder - Very high implementation cost - Occasionally, breaks-down 33 New Design Concept Practical Methods Theoretical Methods Masking & Hiding Leakage Resilient Cryptography - Fix current implementations - Design new primitives - Efficient solutions - Provable prevention against - Practically verifiable all differential attacks Our Solution But But - Limited- Use scope LRC of protection as a tool to protect- No solutioncurrent to primitives current primitives - Turns- SCAAchieve harder a fine granularity- Veryof SCA high- protectionimplementation cost - Occasionally,vs performance breaks-down Yes, our countermeasure belongs to LRC 34 Conclusion • Proposed a countermeasure for the applications of SHA-3 at almost-zero area overhead. • The performance overhead can be trivialized at long message lengths. • The countermeasure is flexible, compatible and portable. • Use theoretical ideas through practical experience. 35 Thank You Questions? 36.