Prevention of side channel attacks against block cipher implementations and other cryptographic systems
First Claim
1. An improved method for performing a symmetric block cipher operation on a message block using a tamper resistant device having a microprocessor, the improved method comprising:
- (a) receiving an input message;
(b) obtaining unpredictable information;
(c) using said microprocessor, producing at least one masked intermediate parameter and a corresponding blinding parameter from at least said input message and said unpredictable information, such that;
(i) the value of said masked intermediate parameter is unpredictable to an attacker;
(ii) the value of said blinding parameter is unpredictable to an attacker;
(iii) the value of an intermediate value for said block cipher operation is represented by a mathematical relationship between said masked intermediate parameter and said blinding parameter;
(d) using said microprocessor, performing a plurality of rounds of said block cipher operation, where each said round includes changing said value for at least one of said parameters, and at least one round includes(x) obtaining additional unpredictable information relative to a prior round, and(y) using said additional unpredictable information, processing said masked intermediate parameter and said blinding parameter to obtain a new value for said masked intermediate parameter and a new value for said blinding parameter relative to a prior round; and
(e) producing an output message from at least said masked intermediate parameter and said blinding parameter after said round operations in step (d).
1 Assignment
0 Petitions
Accused Products
Abstract
Methods and apparatuses are disclosed for improving DES and other cryptographic protocols against external monitoring attacks by reducing the amount (and signal-to-noise ratio) of useful information leaked during processing. An improved DES implementation of the invention instead uses two 56-bit keys (K1 and K2) and two 64-bit plaintext messages (M1 and M2), each associated with a permutation (i.e., K1P, K2P and M1P, M2P) such that K1P{K1} XOR K2P{K2} equals the “standard” DES key K, and M1P{M1} XOR M2P{M2} equals the “standard” message. During operation of the device, the tables are preferably periodically updated, by introducing fresh entropy into the tables faster than information leaks out, so that attackers will not be able to obtain the table contents by analysis of measurements. The technique is implementable in cryptographic smartcards, tamper resistant chips, and secure processing systems of all kinds.
-
Citations
10 Claims
-
1. An improved method for performing a symmetric block cipher operation on a message block using a tamper resistant device having a microprocessor, the improved method comprising:
-
(a) receiving an input message; (b) obtaining unpredictable information; (c) using said microprocessor, producing at least one masked intermediate parameter and a corresponding blinding parameter from at least said input message and said unpredictable information, such that; (i) the value of said masked intermediate parameter is unpredictable to an attacker; (ii) the value of said blinding parameter is unpredictable to an attacker; (iii) the value of an intermediate value for said block cipher operation is represented by a mathematical relationship between said masked intermediate parameter and said blinding parameter; (d) using said microprocessor, performing a plurality of rounds of said block cipher operation, where each said round includes changing said value for at least one of said parameters, and at least one round includes (x) obtaining additional unpredictable information relative to a prior round, and (y) using said additional unpredictable information, processing said masked intermediate parameter and said blinding parameter to obtain a new value for said masked intermediate parameter and a new value for said blinding parameter relative to a prior round; and (e) producing an output message from at least said masked intermediate parameter and said blinding parameter after said round operations in step (d). - View Dependent Claims (2, 3, 4, 10)
-
-
5. An improved tamper resistant device containing means for performing a symmetric block cipher operation on a message block, the improved tamper resistant device comprising:
-
(a) means for receiving an input message; (b) a source of unpredictable information; (c) means for producing at least one masked intermediate parameter and a corresponding blinding parameter from at least an input message and unpredictable information, such that; (i)the value of said masked intermediate parameter is unpredictable to an attacker; (ii) the value of said blinding parameter is unpredictable to an attacker; (iii) the value of an intermediate value for said block cipher operation is represented by a mathematical relationship between said masked intermediate parameter and said blinding parameter; (d) means for performing a plurality of rounds of said block cipher operation, including changing said value for at least one of said parameters, and wherein at least one round includes (x) obtaining additional unpredictable information relative to a prior round, and (y) using said additional unpredictable information, processing said masked intermediate parameter and said blinding parameter to obtain a new value for said masked intermediate parameter and a new value for said blinding parameter relative to a prior round; and (e) means for producing an output message, from at least said masked intermediate parameter and said blinding parameter, incorporating the result of said round in (d). - View Dependent Claims (6, 7, 8, 9)
-
Specification