• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.5
• /
• pp.1013-1022
• /
• 2014

Correlation Power Analysis (CPA) is a type of Side-Channel Analysis (SCA) that extracts the secret key using the correlation coefficient both side-channel information leakage by cryptography device and intermediate value of algorithms. Attack performance of the CPA is affected by noise and temporal synchronization of power consumption leaked. In the recent years, various researches about the signal processing have been presented to improve the performance of power analysis. Among these signal processing techniques, compression techniques of the signal based on Principal Component Analysis (PCA) has been presented. Selection of the principal components is an important issue in signal compression based on PCA. Because selection of the principal component will affect the performance of the analysis. In this paper, we present a method of selecting the principal component by using the correlation of the principal components and the power consumption is high and a CPA technique based on the principal component that utilizes the feature that the principal component has different. Also, we prove the performance of our method by carrying out the experiment.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.7
• /
• pp.1276-1284
• /
• 2017

Lightweight Encryption Algorithm (LEA) that was standardized as a lightweight block cipher was implemented with 8-bit data path, and the vulnerability of LEA encryption processor to correlation power analysis (CPA) attack was analyzed. The CPA used in this paper detects correct round keys by analyzing correlation coefficient between the Hamming distance of the computed data by applying hypothesized keys and the power dissipated in LEA crypto-processor. As a result of CPA attack, correct round keys were detected, which have maximum correlation coefficients of 0.6937, 0.5507, and this experimental result shows that block cipher LEA is vulnerable to power analysis attacks. A masking method based on TRNG was proposed as a countermeasure to CPA attack. By applying masking method that adds random values obtained from TRNG to the intermediate data of encryption, incorrect round keys having maximum correlation coefficients of 0.1293, 0.1190 were analyzed. It means that the proposed masking method is an effective countermeasure to CPA attack.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.49 no.3
• /
• pp.74-80
• /
• 2012

Recently at SCIS2011, Nakatsu et. al. proposed multi-round Correlation Power Analysis(CPA) on Hardware Advanced Encryption Standard(AES) to improve the performance of CPA with limited number of traces. In this paper, we propose, Multi-Round CPA to retrieve master key using CPA of 1round and 2round on Hardware DES. From the simulation result for the proposed attack method, we could extract 56-bit master key using the 300 power traces of Hardware DES in DPA contes. And it was proved that we can search more master key using multi-round CPA than using single round CPA in limited environments.

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.1
• /
• pp.43-50
• /
• 2022

Correlation Power Analysis(CPA) is a sub-channel attack method that measures the detailed power consumption of attack target equipment equipped with cryptographic algorithms and guesses the secret key used in cryptographic algorithms with more than 90% probability. Since CPA performs analysis based on statistics, a large amount of data is necessarily required. Therefore, the CPA must measure power consumption for at least about 15 minutes for each attack. In this paper proposes a method of using a Convolutional Neural Network(CNN) capable of accumulating input data and predicting results to solve the data collection problem of CPA. By collecting and learning the power consumption of the target equipment in advance, entering any power consumption can immediately estimate the secret key, improving the computational speed and 96.7% of the secret key estimation accuracy.

• International Journal of Computer Science & Network Security
• /
• v.21 no.4
• /
• pp.264-271
• /
• 2021

From an information security perspective, protecting sensitive data requires utilizing algorithms which resist theoretical attacks. However, treating an algorithm in a purely mathematical fashion or in other words abstracting away from its physical (hardware or software) implementation opens the door to various real-world security threats. In the modern age of electronics, cryptanalysis attempts to reveal secret information based on cryptosystem physical properties, rather than exploiting the theoretical weaknesses in the implemented cryptographic algorithm. The correlation power attack (CPA) is a Side-Channel Analysis attack used to reveal sensitive information based on the power leakages of a device. In this paper, we present a power Hacking technique to demonstrate how a power analysis can be exploited to reveal the secret information in AES crypto-core. In the proposed case study, we explain the main techniques that can break the security of the considered crypto-core by using CPA attack. Using two cryptographic devices, FPGA and 8051 microcontrollers, the experimental attack procedure shows that the AES hardware implementation has better resistance against power attack compared to the software one. On the other hand, we remark that the efficiency of CPA attack depends statistically on the implementation and the power model used for the power prediction.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.6
• /
• pp.1059-1068
• /
• 2022

A Post-Quantum Cryptographic algorithm NTRU, which is designed by considering the computational power of quantum computers, satisfies the mathematically security level. However, it should consider the characteristics of side-channel attacks such as power analysis attacks in hardware implementation. In this paper, we verify that the private key can be recovered by analyzing the power signal generated during the decryption process of NTRU. To recover the private keys, the Simple Power Analysis (SPA), Correlation Power Analysis (CPA) and Differential Deep Learning Analysis (DDLA) were all applicable. There is a shuffling technique as a basic countermeasure to counter such a power side-channel attack. Neverthe less, we propose a more effective method. The proposed method can prevent CPA and DDLA attacks by preventing leakage of power information for multiplication operations by only performing addition after accumulating each coefficient, rather than performing accumulation after multiplication for each index.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.1
• /
• pp.39-49
• /
• 2020

In this paper, we show that the Chinese standard block cipher SM4 is vulnerable to the side channel attacks and present a countermeasure to resist them. We firstly validate that the secret key of SM4 can be recovered by differential power analysis(DPA) and correlation power analysis(CPA) attacks. Therefore we analyze the vulnerable element caused by power attack and propose a first order masking-based countermeasure to defeat DPA and CPA attacks. Although the proposed countermeasure unfortunately is still vulnerable to the profiling power attacks such as deep learning-based multi layer perceptron(MLP), it can sufficiently overcome the non-profiling attacks such as DPA and CPA.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2013.05a
• /
• pp.671-674
• /
• 2013

단순전력분석(Simple Power Analysis, SPA)은 적은 수의 평문으로 암호 알고리즘에 대한 패턴 뿐만 아니라 비밀키의 정보를 찾는 전력 분석(Power Analysis)의 방법 중 하나이다. SPA의 장점은 차분전력분석(Differential Power Analysis, DPA) 또는 상관전력분석(Correlation Power Analysis, CPA)보다 적은 계산량으로 비밀키 분석을 할 수 있고, DPA 또는 CPA 분석을 하기 위해 필요한 분석위치 탐지에 효율적으로 활용이 되어 진다는 것이다. 하지만 최근 SPA 분석 성능을 저하시키기 위해 클락 노이즈, 전력 노이즈, 딜레이 노이즈 등 다양한 방법들이 제안되어지고 있다. 본 논문에서는 다양한 노이즈가 있는 환경에서 아날로그 수신기를 활용하여 특정 주파수 영역을 필터링한 후 노이즈를 제거하는 방법을 소개한다. 실험을 통해, 아날로그 수신기를 사용하였을 경우에 사용하지 않았을 경우보다 뚜렷한 대칭키 암호의 라운드 함수가 구분되어지며, 라운드 내 함수 구분도 가능함을 보인다. 이는 DPA 또는 CPA를 이용하여 분석을 수행하고자 할 때 분석 위치를 결정하데 아주 유용하게 활용되어지며, 분석 성능향상에도 기여할 것으로 기대되어진다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.1
• /
• pp.33-43
• /
• 2023

The National Institute of Standards and Technology (NIST), which is working on the Post-Quantum Cryptography (PQC) standardization project, announced four algorithms that have been finalized for standardization. In this paper, we demonstrate through experiments that private keys can be exposed by Correlation Power Analysis (CPA) and Differential Deep Learning Analysis (DDLA) attacks on polynomial coefficient-wise multiplication algorithms that operate in the process of generating signatures using CRYSTALS-Dilithium algorithm. As a result of the experiment on ARM-Cortex-M4, we succeeded in recovering the private key coefficient using CPA or DDLA attacks. In particular, when StandardScaler preprocessing and continuous wavelet transform applied power traces were used in the DDLA attack, the minimum number of power traces required for attacks is reduced and the Normalized Maximum Margines (NMM) value increased by about 3 times. Conseqently, the proposed methods significantly improves the attack performance.

• KIPS Transactions on Computer and Communication Systems
• /
• v.8 no.9
• /
• pp.225-230
• /
• 2019

Recently, with the development of Internet technology, various encryption algorithms have been adopted to protect the sensing data measured by hardware devices. The Advanced Encryption Standard (AES), the most widely used encryption algorithm in the world, is also used in many devices with strong security. However, it has been found that the AES algorithm is vulnerable to side channel analysis attacks such as Differential Power Analysis (DPA) and Correlation Power Analysis (CPA). In this paper, we present a software optimization implementation technique of the AES algorithm applying the most widely known masking technique among side channel analysis attack methods.