MODELING SIDE-CHANNEL LEAKAGES FOR THE CRYPTOGRAPHIC ALGORITHMS "MAGMA" AND "KUZNYECHIK" BASED ON THE ELMO EMULATOR

Abstract

Analyzing how well implementations of information security tools resist side-channel attacks is a relevant task in the development of cryptographic modules. The first stage in studying side-channel resistance is to assess whether statistical leaks are present in various parameters of a device's operation while it executes cryptographic algorithms. A universal source of side-channel information is the energy consumption of the device during cryptographic operations. In this research the ELMO tool was used to obtain power consumption traces for the Magma and Kuznyechik encryption algorithms and to identify the instructions that contain statistical power consumption leaks for these algorithms. To model the power consumption traces, the GOST R 34.12-2015 encryption algorithm (n=64 Magma and n=128 Kuznyechik) was implemented in C in ELMO. The full-round versions of the Magma and Kuznyechik encryption algorithms consist of 15,400 instructions (of which 4,450 instructions contain a potential leakage in energy consumption) and 7,167 instructions (of which 4,833 instructions contain a potential leakage in energy consumption), respectively. The side channel (corresponding to the processed data) can be identified using a statistical t-test. To perform this task, two independent sets of device energy consumption traces are formed: traces with a fixed value of the input vectors and traces with arbitrary (not coinciding with the fixed) values of the input vectors. Power consumption leaks were modeled for different numbers of Magma and Kuznyechik encryption rounds based on the statistical t-test. The identified instructions are optimal for subsequent differential or correlation power analysis attacks on the observed encryption algorithms. The instructions showing the maximal statistical dependence in the conducted testing were determined.
For the Magma cipher, the instructions adds r3,r4,r3 and ldrb r3,[r3,r1] were identified; for the Kuznyechik cipher, lsls r5,r3,#0x0 and str r7,[r3,#0x20000888]. The identified instructions are optimal for subsequent differential or correlation power analysis attacks on the encryption algorithms under research.
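
The fixed-versus-random t-test described in the abstract, as an added example that is not the authors' code. Assumptions: traces are simulated with a constructed Hamming-weight model rather than produced by ELMO, the test is Welch's form, the |t| > 4.5 bound is the conventional leakage-assessment threshold (not stated on this page), and all function names are hypothetical.

```python
import math
import random
import statistics

THRESHOLD = 4.5  # assumption: conventional pass/fail bound, not from the page

def hamming_weight(x):
    return bin(x).count("1")

def simulate_trace(byte_in, rng, leak_point, n_points=8, sigma=1.0):
    """Constructed power model: Gaussian noise at every instruction index,
    plus the Hamming weight of the processed byte at leak_point (if any)."""
    trace = [rng.gauss(0.0, sigma) for _ in range(n_points)]
    if leak_point is not None:
        trace[leak_point] += hamming_weight(byte_in)
    return trace

def welch_t(a, b):
    """Welch's t statistic for two samples with unequal variances."""
    num = statistics.fmean(a) - statistics.fmean(b)
    den = math.sqrt(statistics.variance(a) / len(a) + statistics.variance(b) / len(b))
    return num / den

def leaking_points(fixed, rand, threshold=THRESHOLD):
    """Return {instruction index: t} where |t| exceeds the threshold."""
    flagged = {}
    for i in range(len(fixed[0])):
        t = welch_t([tr[i] for tr in fixed], [tr[i] for tr in rand])
        if abs(t) > threshold:
            flagged[i] = t
    return flagged

def run_assessment(leak_point=5, n_traces=2000, seed=1):
    rng = random.Random(seed)
    fixed_input = 0x01  # constructed fixed input byte
    fixed = [simulate_trace(fixed_input, rng, leak_point) for _ in range(n_traces)]
    rand = []
    while len(rand) < n_traces:
        b = rng.randrange(256)
        if b != fixed_input:  # random set must not coincide with the fixed value
            rand.append(simulate_trace(b, rng, leak_point))
    return leaking_points(fixed, rand)

if __name__ == "__main__":
    print("leaky implementation:", run_assessment(leak_point=5))
    print("no data dependence:  ", run_assessment(leak_point=None))
```

A first-order t-test compares means only, so a fixed input whose leakage equals the random-set average at some point would not be flagged there; evaluations typically repeat the test with more than one fixed value.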

Published:

2024-11-10

Issue:

Section:

SECTION II. DATA ANALYSIS AND MODELING