Security of block ciphers : from algorithm design to hardware implementation /
Saved in:
| Author / Creator: | Sakiyama, Kazuo, 1971- |
|---|---|
| Imprint: | Singapore : Wiley, [2015] ©2015 |
| Description: | 1 online resource |
| Language: | English |
| Subject: | |
| Format: | E-Resource Book |
| URL for this record: | http://pi.lib.uchicago.edu/1001/cat/bib/11653389 |
Table of Contents:
- Propagation in Linear Computations 83 4.2.5 Probabilistic Differential Propagation in Nonlinear Computations 86 4.2.6 Probability of Differential Propagation for Multiple Rounds 89 4.2.7 Differential Characteristic for AES Reduced to Three Rounds 91 4.2.8 Distinguishing Attack with Differential Characteristic 93 4.2.9 Key Recovery Attack after Differential Characteristic 95 4.2.10 Basic Differential Cryptanalysis for Four-Round AES & dagger; 96 4.2.11 Advanced Differential Cryptanalysis for Four-Round AES & dagger; 103 4.2.12 Preventing Differential Cryptanalysis & dagger; 106 4.3 Impossible Differential Cryptanalysis 110 4.3.1 Basic Concept and Definition 110 4.3.2 Impossible Differential Characteristic for 3.5-round AES 111 4.3.3 Key Recovery Attacks for Five-Round AES 114 4.3.4 Key Recovery Attacks for Seven-Round AES & dagger; 123 4.4 Integral Cryptanalysis 131 4.4.1 Basic Concept.
- 131 4.4.2 Processing P through Subkey XOR 132 4.4.3 Processing P through SubBytes Operation 133 4.4.4 Processing P through ShiftRows Operation 134 4.4.5 Processing P through MixColumns Operation 134 4.4.6 Integral Property of AES Reduced to 2.5 Rounds 135 4.4.7 Balanced Property 136 4.4.8 Integral Property of AES Reduced to Three Rounds and Distinguishing Attack 137 4.4.9 Key Recovery Attack with Integral Cryptanalysis for Five Rounds 139 4.4.10 Higher-Order Integral Property & dagger; 141 4.4.11 Key Recovery Attack with Integral Cryptanalysis for Six Rounds & dagger; 143 Further Reading 147 5 Side-Channel Analysis and Fault Analysis on Block Ciphers 149 5.1 Introduction 149 5.1.1 Intrusion Degree of Physical Attacks 149 5.1.2 Passive and Active Noninvasive Physical Attacks 151 5.1.3 Cryptanalysis Compared to Side-Channel Analysis and Fault Analysis 151 5.2.
- Basics of Side-Channel Analysis 152 5.2.1 Side Channels of Digital Circuits 152 5.2.2 Goal of Side-Channel Analysis 154 5.2.3 General Procedures of Side-Channel Analysis 155 5.2.4 Profiling versus Non-profiling Side-Channel Analysis 156 5.2.5 Divide-and-Conquer Algorithm 157 5.3 Side-Channel Analysis on Block Ciphers 159 5.3.1 Power Consumption Measurement in Power Analysis 160 5.3.2 Simple Power Analysis and Differential Power Analysis 163 5.3.3 General Key Recovery Algorithm for DPA 164 5.3.4 Overview of Attack Targets 169 5.3.5 Single-Bit DPA Attack on AES-128 Hardware Implementations 181 5.3.6 Attacks Using HW Model on AES-128 Hardware Implementations 186 5.3.7 Attacks Using HD Model on AES-128 Hardware Implementations 192 5.3.8 Attacks with Collision Model & dagger; 199 5.4 Basics of Fault Analysis 203 5.4.1 Faults Caused by Setup-Time Violations 205 5.4.2 Faults.
- Caused by Data Alternation 208 5.5 Fault Analysis on Block Ciphers 208 5.5.1 Differential Fault Analysis 208 5.5.2 Fault Sensitivity Analysis & dagger; 215 Acknowledgment 223 Bibliography 223 6 Advanced Fault Analysis with Techniques from Cryptanalysis 225 6.1 Optimized Differential Fault Analysis 226 6.1.1 Relaxing Fault Model 226 6.1.2 Four Classes of Faulty Byte Positions 227 6.1.3 Recovering Subkey Candidates of sk10 228 6.1.4 Attack Procedure 230 6.1.5 Probabilistic Fault Injection 231 6.1.6 Optimized DFA with the MixColumns Operation in the Last Round & dagger; 232 6.1.7 Countermeasures against DFA and Motivation of Advanced DFA 236 6.2 Impossible Differential Fault Analysis 237 6.2.1 Fault Model 238 6.2.2 Impossible DFA with Unknown Faulty Byte Positions 238 6.2.3 Impossible DFA with Fixed Faulty Byte Position 244 6.3 Integral Differential.
- Fault Analysis 245 6.3.1 Fault Model 246 6.3.2 Integral DFA with Bit-Fault Model 247 6.3.3 Integral DFA with Random Byte-Fault Model 251 6.3.4 Integral DFA with Noisy Random Byte-Fault Model & dagger; 254 6.4 Meet-in-the-Middle Fault Analysis 260 6.4.1 Meet-in-the-Middle Attack on Block Ciphers 260 6.4.2 Meet-in-the-Middle Attack for Differential Fault Analysis 263 Further Reading 268 7 Countermeasures against Side-Channel Analysis and Fault Analysis 269 7.1 Logic-Level Hiding Countermeasures 269 7.1.1 Overview of Hiding Countermeasure with WDDL Technique 270 7.1.2 WDDL-NAND Gate 272 7.1.3 WDDL-NO.