A comprehensive tolerant algebraic side-channel attack over modern ciphers using constraint programming

Published: 01 Jan 2022, Last Modified: 20 May 2024. J. Cryptogr. Eng. 2022. CC BY-SA 4.0
Abstract: Tolerant algebraic side-channel attack (TASCA) combines side-channel information with an algebraic formulation of a cipher to exploit its weaknesses and recover a secret key. Its inputs consist of a side-channel trace of an encryption and the clear and cipher texts. TASCA demonstrated that pseudo-Boolean optimization can successfully recover a key with reasonable computational effort. Unlike Boolean Satisfiability (SAT), Constraint Programming (CP) is an optimization technology that favors high-level, rich and expressive models, which makes it ideal for naturally modeling and solving cryptanalysis challenges. It offers direct encoding of bit-wise operations and avoids the costly bit-blasting formulation required by SAT and pseudo-Boolean solvers. TASCA-CP is an embodiment of TASCA and is used to attack AES-128 as well as AES-256 to recover keys when noisy side-channel measurements are available. It achieves this task orders of magnitude faster than the original TASCA approach. With this performance, TASCA-CP enables cryptanalysts to explore larger key sizes and probe weaknesses of ciphers. The article demonstrates, with an attack on Keeloq, that a high-level modeling approach is essential to easily adapt to different ciphers. The empirical evaluation establishes the performance of the system when compared to the original TASCA implementation on modern IP solvers and identical hardware.