TY - JOUR
T1 - Random key rotation
T2 - Side-channel countermeasure of NTRU cryptosystem for resource-limited devices
AU - Wang, An
AU - Wang, Ce
AU - Zheng, Xuexin
AU - Tian, Weina
AU - Xu, Rixin
AU - Zhang, Guoshuang
N1 - Publisher Copyright:
© 2017
PY - 2017/10
Y1 - 2017/10
AB - The NTRU algorithm, as the IEEE P1363.1 standard, has been widely applied in resource-limited cryptosystems such as wearable embedded systems, smart cards, and so on. In 2013, Zheng et al. presented a collision attack on three NTRU countermeasures from Lee et al., which are the only three countermeasures of NTRU against side-channel analysis so far. In this paper, we give a new countermeasure named Random Key Rotation (RKR) against the existing statistical side-channel analysis. According to analysis and experiments on an STC89C52 microprocessor, little information about the key is leaked by collision attack, second-order correlation power analysis, etc. Furthermore, implementation schemes of the RKR countermeasure in software and hardware are suggested. Under typical parameters, a barrel shifter implementation of RKR costs only an extra 8-bit register and one extra clock cycle (as well as 16 extra multiplexers).
KW - NTRU
KW - Power analysis attacks
KW - Random key rotation
KW - Resource-limited devices
KW - Side-channel attacks
UR - http://www.scopus.com/inward/record.url?scp=85019089608&partnerID=8YFLogxK
U2 - 10.1016/j.compeleceng.2017.05.007
DO - 10.1016/j.compeleceng.2017.05.007
M3 - Article
AN - SCOPUS:85019089608
SN - 0045-7906
VL - 63
SP - 220
EP - 231
JO - Computers and Electrical Engineering
JF - Computers and Electrical Engineering
ER -