Side Channel Attacks against Hash-Based MACs with PGV Compression Functions
Abstract
HMAC is one of the most famous keyed hash functions, and widely utilized. In order to design secure hash functions, we often use PGV construction consisting of 64 schemes, each of which utilizes a block cipher. If the underlying block cipher is ideal, 12 schemes are proven to be secure. In this paper, we evaluate the security of these schemes in view of side channel attacks. As it turns out, HMACs based on 11 out of 12 secure PGV schemes are vulnerable to side channel attacks, even if the underlying block cipher is secure against side channel attacks. These schemes are classified into two groups based on their vulnerabilities. For the first group which contains 8 schemes, we show that the attacker can reveal the whole key of HMAC, and selectively forge in consequence. For the other group which contains 3 schemes, we specify the importance of the execution sequence for the inner operations of the scheme, and refine it. If wrong orders of operations are used, the attacker can reveal a portion of the key of HMAC. Hence, the use of HMACs based on such PGV schemes as they are is not recommended when the resistance against side channel attacks is necessary.
- Paper of the Institute of Electronics, Information and Communication Engineers (IEICE)
- 2008-01-01
Authors
- OKEYA Katsuyuki
  Systems Development Laboratory, Hitachi Ltd.
Related papers
- Recursive Double-Size Modular Multiplications from Euclidean and Montgomery Multipliers
- Faster Double-Size Bipartite Multiplication out of Montgomery Multipliers
- Montgomery Multiplication with Twice the Bit-Length of Multipliers
- Use of Montgomery Trick in Precomputation of Multi-Scalar Multiplication in Elliptic Curve Cryptosystems(Special Section on Cryptography and Information Security)
- SCA-Resistant and Fast Elliptic Scalar Multiplication Based on wNAF (Asymmetric Cipher) (Cryptography and Information Security)
- Defeating Simple Power Analysis on Koblitz Curves(Discrete Mathematics and Its Applications)
- Security Analysis of the SPA-Resistant Fractional Width Method(Elliptic Curve Cryptography, Cryptography and Information Security)
- Cryptanalysis of Ha-Moon's Countermeasure of Randomized Signed Scalar Multiplication(Discrete Mathematics and Its Applications)
- Side Channel Attacks against Hash-Based MACs with PGV Compression Functions
- On the Importance of Protecting Δ in SFLASH against Side Channel Attacks(Tamper-Resistance)(Cryptography and Information Security)
- A New Upper Bound for the Minimal Density of Joint Representations in Elliptic Curve Cryptosystems(Discrete Mathematics and Its Applications)