Breaking the hardware implementation of AES encryption
Advanced Encryption Standard (AES) is an extensively used symmetric block cipher algorithm which generates ciphertext based on plaintext and key (128, 192, or 256 bits) inputs. Recover the cipher key through brute-force attempts is unrealistic due to the extremely high computation complexity. Nevert...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Final Year Project |
| Language: | English |
| Published: |
Nanyang Technological University
2021
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/10356/149897 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| Summary: | Advanced Encryption Standard (AES) is an extensively used symmetric block cipher algorithm which generates ciphertext based on plaintext and key (128, 192, or 256 bits) inputs. Recover the cipher key through brute-force attempts is unrealistic due to the extremely high computation complexity. Nevertheless, recent studies show that physical attacks, such as fault analysis and side-channel analysis, on hardware platform can reveal the cipher key with limited fault-free and faulty ciphertexts. These lightweight and low-cost physical attacks bring a huge challenge on embedded devices. Thus, investigation and analysis of modern embedded devices under physical attacks become a critical procedure to build a robust and reliable Internet of Things (IoT) network.
This project was conducted to examine various types of physical attack techniques, including Differential Power Analysis (DPA), Correlation Power Analysis (CPA) and Differential Fault Analysis (DFA). ChipWhisperer capture board and python interface was utilized to initiate the attack against AES implemented on XMEGA microcontroller and CW305 FPGA board. In the case of targeting AES on XMEGA microcontroller, a DPA attack successfully broke the AES-128 key by collecting 1200 power traces within 2 minutes. On the other hand, a CPA attack only required 50 traces and 11 seconds to reveal the key. Exploiting second-order CPA attack against a fully-masked AES was also conducted. After collecting 500 traces and using 7 minutes 23 seconds, the AES key was successfully broken. Moreover, DFA can reveal the key by injecting one byte of fault twice and performing 2 seconds of analysis on two faulty ciphertexts. If only one fault injection is permitted, DFA still can crack the AES, but with 16 minutes post-processing time.
The results of these experiments show that AES algorithm has many security vulnerabilities in terms of physical implementation. It is imperative to design a protection scheme on AES that takes into account all of these possible physical attacks. |
|---|