Time Is Not Enough: Timing Leakage Analysis on Cryptographic Chips via Plaintext-Ciphertext Correlation in Non-Timing Channel

Congming Wei; Guangze Hong; An Wang; Jing Wang; Shaofei Sun; Yaoling Ding; Liehuang Zhu; Wenrui Ma

doi:10.1109/TIFS.2024.3449119

Time Is Not Enough: Timing Leakage Analysis on Cryptographic Chips via Plaintext-Ciphertext Correlation in Non-Timing Channel

Congming Wei, Guangze Hong, An Wang^*, Jing Wang, Shaofei Sun, Yaoling Ding, Liehuang Zhu, Wenrui Ma^*

^*此作品的通讯作者

科研成果: 期刊稿件 › 文章 › 同行评审

摘要

In side-channel testing, the standard timing analysis works when the vendor can provide a measurement to indicate the execution time of cryptographic algorithms. In this paper, we find that there exists timing leakage in power/electromagnetic channels, which is often ignored in traditional timing analysis. Hence a new method of timing analysis is proposed to deal with the case where execution time is not available. Different execution time leads to different execution intervals, affecting the locations of plaintext and ciphertext transmission. Our method detects timing leakage by studying changes in plaintext-ciphertext correlation when traces are aligned forward and backward. Experiments are then carried out on different cryptographic devices. Furthermore, we propose an improved timing analysis framework which gives appropriate methods for different scenarios.

源语言	英语
页（从-至）	8544-8558
页数	15
期刊	IEEE Transactions on Information Forensics and Security
卷	19
DOI	https://doi.org/10.1109/TIFS.2024.3449119
出版状态	已出版 - 2024

访问文件

10.1109/TIFS.2024.3449119

其它文件与链接

链接到 Scopus 的出版物

引用此

@article{bd317ff5512b407399741377eb4b4ffd,

title = "Time Is Not Enough: Timing Leakage Analysis on Cryptographic Chips via Plaintext-Ciphertext Correlation in Non-Timing Channel",

abstract = "In side-channel testing, the standard timing analysis works when the vendor can provide a measurement to indicate the execution time of cryptographic algorithms. In this paper, we find that there exists timing leakage in power/electromagnetic channels, which is often ignored in traditional timing analysis. Hence a new method of timing analysis is proposed to deal with the case where execution time is not available. Different execution time leads to different execution intervals, affecting the locations of plaintext and ciphertext transmission. Our method detects timing leakage by studying changes in plaintext-ciphertext correlation when traces are aligned forward and backward. Experiments are then carried out on different cryptographic devices. Furthermore, we propose an improved timing analysis framework which gives appropriate methods for different scenarios.",

keywords = "Timing analysis, plaintext-ciphertext correlation, side-channel analysis, timing leakage",

author = "Congming Wei and Guangze Hong and An Wang and Jing Wang and Shaofei Sun and Yaoling Ding and Liehuang Zhu and Wenrui Ma",

note = "Publisher Copyright: {\textcopyright} 2005-2012 IEEE.",

year = "2024",

doi = "10.1109/TIFS.2024.3449119",

language = "English",

volume = "19",

pages = "8544--8558",

journal = "IEEE Transactions on Information Forensics and Security",

issn = "1556-6013",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

}

TY - JOUR

T1 - Time Is Not Enough

T2 - Timing Leakage Analysis on Cryptographic Chips via Plaintext-Ciphertext Correlation in Non-Timing Channel

AU - Wei, Congming

AU - Hong, Guangze

AU - Wang, An

AU - Wang, Jing

AU - Sun, Shaofei

AU - Ding, Yaoling

AU - Zhu, Liehuang

AU - Ma, Wenrui

PY - 2024

Y1 - 2024

N2 - In side-channel testing, the standard timing analysis works when the vendor can provide a measurement to indicate the execution time of cryptographic algorithms. In this paper, we find that there exists timing leakage in power/electromagnetic channels, which is often ignored in traditional timing analysis. Hence a new method of timing analysis is proposed to deal with the case where execution time is not available. Different execution time leads to different execution intervals, affecting the locations of plaintext and ciphertext transmission. Our method detects timing leakage by studying changes in plaintext-ciphertext correlation when traces are aligned forward and backward. Experiments are then carried out on different cryptographic devices. Furthermore, we propose an improved timing analysis framework which gives appropriate methods for different scenarios.

AB - In side-channel testing, the standard timing analysis works when the vendor can provide a measurement to indicate the execution time of cryptographic algorithms. In this paper, we find that there exists timing leakage in power/electromagnetic channels, which is often ignored in traditional timing analysis. Hence a new method of timing analysis is proposed to deal with the case where execution time is not available. Different execution time leads to different execution intervals, affecting the locations of plaintext and ciphertext transmission. Our method detects timing leakage by studying changes in plaintext-ciphertext correlation when traces are aligned forward and backward. Experiments are then carried out on different cryptographic devices. Furthermore, we propose an improved timing analysis framework which gives appropriate methods for different scenarios.

KW - Timing analysis

KW - plaintext-ciphertext correlation

KW - side-channel analysis

KW - timing leakage

UR - http://www.scopus.com/inward/record.url?scp=85201745283&partnerID=8YFLogxK

U2 - 10.1109/TIFS.2024.3449119

DO - 10.1109/TIFS.2024.3449119

M3 - Article

AN - SCOPUS:85201745283

SN - 1556-6013

VL - 19

SP - 8544

EP - 8558

JO - IEEE Transactions on Information Forensics and Security

JF - IEEE Transactions on Information Forensics and Security

ER -

Time Is Not Enough: Timing Leakage Analysis on Cryptographic Chips via Plaintext-Ciphertext Correlation in Non-Timing Channel

摘要

访问文件

其它文件与链接

指纹

引用此