Drm to counter side-channel attacks?
Source
ACM Workshop On Digital Rights Management archive
Proceedings of the 2007 ACM workshop on Digital Rights Management table of contents
Alexandria, Virginia, USA
SESSION: Applications of DRM table of contents
Pages: 23-32
Year of Publication: 2007
ISBN: 978-1-59593-884-8
Authors
Ryad Benadjila, Orange Labs, Issy-les-Moulineaux, France
Olivier Billet, Orange Labs, Issy-les-Moulineaux, France
Stanislas Francfort, Orange Labs, Issy-les-Moulineaux, France
Sponsors
ACM: Association for Computing Machinery
SIGSAC: ACM Special Interest Group on Security, Audit, and Control
Publisher
ACM, New York, NY, USA
DOI: http://doi.acm.org/10.1145/1314276.1314282

ABSTRACT

In the DRM setting, the attacker is a very powerful adversary, owning the software as well as the underlying hardware. This context is far different from the black-box attacker commonly considered in conventional cryptography. Therefore, cryptographers have tried to design new cryptographic tools fitting the DRM requirements. A related issue in cryptography is that of side-channel attacks, where the attacker is stronger than the black-box attacker, but usually weaker than a DRM attacker. In this paper, we aim to show that the study of side-channel attacks can benefit from DRM research, and in particular from the attacker models and solutions tailored to this specific setting. We focus on a specific issue, namely cache attacks against the AES, and show how current counter-measures can be seen as restricted versions of a previous protection proposed in the DRM setting. We demonstrate that this kind of counter-measure is weak against cache-based side-channel attacks by reusing results from the DRM setting.


