[go: up one dir, main page]

What a lovely hat

Is it made out of tin foil?

Paper 2013/168

On secure embedded token design (Long Version) -- Quasi-looped Yao circuits and bounded leakage

Simon Hoerder, Kimmo Järvinen, and Dan Page

Abstract

Within a broader context of mobile and embedded computing, the design of practical, secure tokens that can store and/or process security-critical information remains an ongoing challenge. One aspect of this challenge is the threat of information leakage through side-channel attacks, which is exacerbated by any resource constraints. Although any countermeasure can be of value, it seems clear that approaches providing robust guarantees are most attractive. Along these lines, this paper extends previous work on use of Yao circuits via two contributions. First, we show how careful analysis can fix the maximum number of traces acquired during a DPA attack, effectively bounding leakage from a Yao-based token: for a low enough bound, the token can therefore be secured via conventional (potentially less robust) countermeasures. To achieve this we use modularised Yao circuits, which also support our second contribution: the first Yao-based mplementation of a secure authentication payload, namely HMAC based on SHA.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published elsewhere. Workshop on Information Security Theory and Practice (WISTP) 2013
Keywords
Yao circuitsside-channel attacksleakage-resilientmobileembedded tokensAESHMACSHA
Contact author(s)
hoerder @ cs bris ac uk
History
2013-03-28: received
Short URL
https://ia.cr/2013/168
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2013/168,
      author = {Simon Hoerder and Kimmo Järvinen and Dan Page},
      title = {On secure embedded token design (Long Version) -- Quasi-looped Yao circuits and bounded leakage},
      howpublished = {Cryptology {ePrint} Archive, Paper 2013/168},
      year = {2013},
      url = {https://eprint.iacr.org/2013/168}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.