Abstract
We present HMM attacks, a new type of cryptanalysis based on modeling randomized side channel countermeasures as Hidden Markov Models (HMM’s). We also introduce Input Driven Hidden Markov Models (IDHMM’s), a generalization of HMM’s that provides a powerful and unified cryptanalytic framework for analyzing countermeasures whose operational behavior can be modeled by a probabilistic finite state machine. IDHMM’s generalize previous cryptanalyses of randomized side channel countermeasures, and they also often yield better results. We present efficient algorithms for key recovery using IDHMM’s. Our methods can take advantage of multiple traces of the side channel and are inherently robust to noisy measurements. Lastly, we apply IDHMM’s to analyze two randomized exponentiation algorithms proposed by Oswald and Aigner. We completely recover the secret key using as few as ten traces of the side channel.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Ha, J., Moon, S.: Randomized signed-scalar multiplication of ECC to resist power attacks. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 551–563. Springer, Heidelberg (2002)
Oswald, E., Aigner, M.: Randomized addition-subtraction chains as a countermeasure against power attacks. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, p. 39. Springer, Heidelberg (2001)
Izu, T., Takagi, T.: A fast parallel elliptic curve multiplication resistant against side channel attacks. In: Naccache, D., Paillier, P. (eds.) PKC 2002. LNCS, vol. 2274, p. 280. Springer, Heidelberg (2002)
Walter, C.: MIST: An efficient, randomized exponentiation algorithm for resisting power analysis. In: Preneel, B. (ed.) CT-RSA 2002. LNCS, vol. 2271, p. 53. Springer, Heidelberg (2002)
Liardet, P.Y., Smart, N.: Preventing SPA/DPA in ECC systems using the jacobi form. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, p. 391. Springer, Heidelberg (2001)
Itoh, K., Yajima, J., Takenaka, M., Torri, N.: DPA countermeasures by improving the window method. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 303–317. Springer, Heidelberg (2003)
May, D., Muller, H., Smart, N.: Randomized register renaming to foil DPA. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, p. 28. Springer, Heidelberg (2001)
Goubin, L., Patarin, J.: DES and differential cryptanalysis. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, p. 158. Springer, Heidelberg (1999)
Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)
Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)
Jordan, M.: An Introduction to Probabilistic Graphical Models (2003) (in preparation)
Russell, S., Norvig, P.: Artificial Intelligence, A Modern Approach. Prentice Hall, Englewood Cliffs (1995)
Okeya, K., Sakurai, K.: On insecurity of the side channel attack countermeasure using addition-subtraction chains under distinguishability between addition and doubling. In: The 7th Australasian Conference on Information Security and Privacy (2002)
Walter, C.: Security constraints on the Oswald-Aigner exponentiation algorithm. Cryptology ePrint Archive (2003), http://eprint.iacr.org/
Coron, J.S.: Resistance against differential power analysis attacks for elliptic curve cryptosystems. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, p. 292. Springer, Heidelberg (1999)
Walter, C.: Breaking the Liardet-Smart randomized exponentiation algorithm. In: Fifth Smart Card Research and Advanced Application Conference (CARDIS) (2002)
Karlof, C., Wagner, D.: Hidden Markov Model Cryptanalysis. Technical Report UCB//CSD- 03-1244, University of California at Berkeley (2003)
Song, D.X., Wagner, D., Tian, X.: Timing analysis of keystrokes and timing attacks on SSH. In: Tenth USENIX Security Symposium (2001)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Karlof, C., Wagner, D. (2003). Hidden Markov Model Cryptanalysis. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds) Cryptographic Hardware and Embedded Systems - CHES 2003. CHES 2003. Lecture Notes in Computer Science, vol 2779. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45238-6_3
Download citation
DOI: https://doi.org/10.1007/978-3-540-45238-6_3
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-40833-8
Online ISBN: 978-3-540-45238-6
eBook Packages: Springer Book Archive