Presentation 2004/3/8
On the Importance of Protecting Δ in SFLASH against Side Channel Attacks
Katsuyuki OKEYA, Tsuyoshi TAKAGI, Camille VUILLAUME
Abstract(in Japanese) (See Japanese page)
Abstract(in English) SFLASH was chosen as one of the final selections of the NESSIE project in 2003. It is one of the most efficient digital signature schemes and is suitable for implementation on memory-constrained devices such as smartcards. Side channel attacks (SCA) are a serious threat to memory-constrained devices. If the implementation on them is careless, the secret key may be recovered. In this paper, we experimentally analyze the effectiveness of a side channel attack on SFLASH. There are two different secret keys for SFLASH, namely the proper secret key (s, t) and the random seed Δ used for the hash function SHA-1. Whereas many papers discussed the security of (s, t), little is known about that of Δ. We propose a DPA on Δ using the addition operation modulo 2^{32}, and present an experimental result of the DPA. After obtaining the secret key Δ, the underlying problem of SFLASH can be reduced to the C^* problem broken by Patarin. From our simulation, about 1408 pairs of messages and signatures are needed to break SFLASH. Consequently, one has to carefully implement SHA-1 in order to resist SCA on SFLASH.
Keyword(in Japanese) (See Japanese page)
Keyword(in English) Asymmetric Signature / SFLASH / Side Channel Attacks / SHA-1 / C^* / C^{*--} / Hidden Monomial Problem
Paper # IT2003-61,ISEC2003-101,WBS2003-179
Date of Issue

Conference Information
Committee ISEC
Conference Date 2004/3/8 (1 day)
Place (in Japanese) (See Japanese page)
Place (in English)
Topics (in Japanese) (See Japanese page)
Topics (in English)
Chair
Vice Chair
Secretary
Assistant

Paper Information
Registration To Information Security (ISEC)
Language ENG
Title (in Japanese) (See Japanese page)
Sub Title (in Japanese) (See Japanese page)
Title (in English) On the Importance of Protecting Δ in SFLASH against Side Channel Attacks
Sub Title (in English)
Keyword(1) Asymmetric Signature
Keyword(2) SFLASH
Keyword(3) Side Channel Attacks
Keyword(4) SHA-1
Keyword(5) C^*
Keyword(6) C^{*--}
Keyword(7) Hidden Monomial Problem
1st Author's Name Katsuyuki OKEYA
1st Author's Affiliation Hitachi, Ltd., SDL
2nd Author's Name Tsuyoshi TAKAGI
2nd Author's Affiliation TU Darmstadt, Fachbereich Informatik Alexanderstr.
3rd Author's Name Camille VUILLAUME
3rd Author's Affiliation Hitachi, Ltd., SDL
Date 2004/3/8
Paper # IT2003-61,ISEC2003-101,WBS2003-179
Volume (vol) vol.103
Number (no) 712
Page pp.-
#Pages 6
Date of Issue