An Efficient Collision Power Attack on AES Encryption in Edge Computing

Edge computing has become a promising paradigm for the context-aware and delay-sensitive IoT data analytics. For the sake of security, some cryptographic algorithms such as AES, RSA, and so on, are employed for the encryption communication and authentication. The collision power attack is a typical physical attack to recover the secret key of the AES algorithm. However, almost all collision attacks aim at the detection of internal collisions caused by the output of S-boxes, and the linear layers are not concerned with those protected implementations. The relation between the mask and the masked data has been given little attention and stays as is, where the leakages still exist. In this paper, we focus on three typical AES implementations in edge computing, and propose a new type of collision attack by making use of leakages from linear layers, which is capable of breaking masking schemes with uniformly distributed random masks. In addition, a novel scalable collision attack of general applicability and high-efficiency is proposed and applied to masked linear layers and masked S-boxes. It can reach an equal level of performance compared to the second-order power analysis with acceptable off-line search, which improves the known collision attacks significantly.