
Solve the CNF by SAT solver

From the document 未知替換盒之旁通道分析 (Side-Channel Analysis of Unknown Substitution Boxes), page 27-0

In this paper, we use CryptoMiniSat 5.0 [Soo16a], which won several tracks of the SAT 2016 competition [SAT16]. CryptoMiniSat can read an extended Conjunctive Normal Form that contains XOR-clauses. This feature is very useful for our analysis, since there are many such clauses in the constructed equations. One advantage of XOR-clauses is that no cutting is needed, which avoids the numerous dummy variables; the other is that the solver may reduce the number of variables by XORing two clauses.

doi:10.6342/NTU201602059

For example, in the Linear Transformation phase the equations

$$z_{1,31} = y_{1,3} + y_{1,118}$$

$$z_{1,48} = y_{1,3} + y_{1,14} + y_{1,25} + y_{1,100} + y_{1,104} + y_{1,118}$$

are generated. If we XOR the two clauses,

$$0 = z_{1,31} + z_{1,48} + y_{1,14} + y_{1,25} + y_{1,100} + y_{1,104}$$

is obtained. This is simpler, and if all the variables are assigned temporary values, the SAT solver can determine immediately whether the assignment is valid. The author of CryptoMiniSat claims that preserving XOR-clauses may achieve a 2 times speed-up [Soo16b]. In Chapter 4, we will show the difference in solving time between using CNF and using extended CNF.
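As an added illustration of the XOR-clause handling described above (this code is not from the thesis, from SageMath or from CryptoMiniSat), the following Python models the two Linear Transformation equations as XOR-clauses over GF(2), XORs them so that the shared y variables cancel, evaluates a clause immediately under a candidate assignment, renders the clause in the extended-DIMACS "x" line format that CryptoMiniSat reads, and contrasts that with the plain-CNF encoding that cutting into dummy variables would require. The variable ids (y_{1,j} mapped to j, z_{1,j} to 1000 + j), the dummy-variable ids and the cut size are assumptions of the example.

```python
from itertools import product

# An XOR-clause (a linear equation over GF(2)) is stored as (frozenset of variable
# ids, right-hand-side bit): the XOR of the listed variables equals the rhs bit.
# Variable ids are an assumption of this example: y_{1,j} -> j, z_{1,j} -> 1000 + j.
def var_y(j):
    return j

def var_z(j):
    return 1000 + j

# The two Linear Transformation equations quoted in the text, written as XOR-clauses
# with everything on one side (z + y + ... = 0, since z = -z over GF(2)).
EQ_Z31 = (frozenset({var_z(31), var_y(3), var_y(118)}), 0)
EQ_Z48 = (frozenset({var_z(48), var_y(3), var_y(14), var_y(25),
                     var_y(100), var_y(104), var_y(118)}), 0)

def xor_equations(eq_a, eq_b):
    """XOR two XOR-clauses. Variables present in both cancel (x + x = 0 over GF(2));
    this is the reduction the solver can perform when XOR-clauses are preserved."""
    (vars_a, rhs_a), (vars_b, rhs_b) = eq_a, eq_b
    return (vars_a ^ vars_b, rhs_a ^ rhs_b)

def xor_holds(eq, assignment):
    """Evaluate one XOR-clause under a complete assignment {var: 0/1}: the parity of
    the listed variables must equal the rhs bit (the immediate validity check)."""
    vars_, rhs = eq
    return sum(assignment[v] for v in vars_) % 2 == rhs

def xor_clause_dimacs(eq):
    """Render an XOR-clause in CryptoMiniSat's extended DIMACS: an 'x' prefix, the
    literals, and a terminating 0. Such a line asserts XOR(literals) = 1, so an
    equation with rhs 0 is written by negating one literal."""
    lits = [str(v) for v in sorted(eq[0])]
    if eq[1] == 0:
        lits[0] = "-" + lits[0]
    return "x" + " ".join(lits) + " 0"

def xor_to_cnf(vars_, rhs):
    """Plain CNF for XOR(vars_) = rhs with no cutting: one clause per assignment of
    the wrong parity, i.e. 2^(k-1) clauses of k literals for k variables."""
    vars_ = sorted(vars_)
    clauses = []
    for bits in product((0, 1), repeat=len(vars_)):
        if sum(bits) % 2 != rhs:
            # This clause is falsified exactly by the forbidden assignment `bits`.
            clauses.append([v if b == 0 else -v for v, b in zip(vars_, bits)])
    return clauses

def xor_to_cnf_cut(vars_, rhs, cut, first_dummy):
    """Cutting: split a long XOR into pieces of at most `cut` variables, chaining them
    through fresh dummy variables (ids from first_dummy upwards), as an ANF-to-CNF
    converter must do when the solver has no XOR-clause support. Requires cut >= 3.
    Returns (clauses, number of dummy variables introduced)."""
    vars_ = sorted(vars_)
    clauses, dummies = [], 0
    while len(vars_) > cut:
        head, vars_ = vars_[:cut - 1], vars_[cut - 1:]
        d = first_dummy + dummies
        dummies += 1
        clauses += xor_to_cnf(head + [d], 0)   # encodes d = XOR(head)
        vars_ = [d] + vars_
    clauses += xor_to_cnf(vars_, rhs)
    return clauses, dummies

def cnf_satisfied(clauses, assignment):
    """Check a CNF (list of lists of signed variable ids) under a complete assignment."""
    return all(any(assignment[abs(lit)] == (1 if lit > 0 else 0) for lit in clause)
               for clause in clauses)

if __name__ == "__main__":
    combined = xor_equations(EQ_Z31, EQ_Z48)
    print("combined XOR-clause:", xor_clause_dimacs(combined))
    print(len(xor_to_cnf(EQ_Z48[0], 0)), "plain-CNF clauses for z_{1,48} without cutting")
    cut_clauses, dummies = xor_to_cnf_cut(EQ_Z48[0], 0, 4, 5000)
    print(len(cut_clauses), "clauses and", dummies, "dummy variables with cutting at 4")
```

The seven-variable equation for z_{1,48} costs 64 plain clauses uncut, or 20 clauses plus two dummy variables when cut to four variables per piece, whereas the extended format carries it as a single "x" line; this is the literal and clause growth that the tables in Chapter 4 compare.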


Chapter 4 Experiments

4.1 Setup

The experiments are run on an Intel Xeon CPU with two 2.40 GHz cores and 36 GB of memory. The SAT solver used in the experiments is CryptoMiniSat 5.0 [Soo16a].

The transformation from ANF to CNF, as discussed in Chapter 4, is performed with the help of SageMath [Dev16], an open-source mathematics software system based on Python.

As in the analysis of Chapter 3, the intermediate bytes used are, for each round, the 128 bits after key mixing, the 128 bits after the substitution boxes and the 128 bits after the Linear Transformation. Nevertheless, in the following experiments only the first-round information is included, to extract the first round key and the function of the first S-Box, because once the first-round information is completely encoded, the input of the second round is also known and the situation is then the same as in the first round. So we perform the experiment only on the first round, and the following rounds are expected to succeed too.


4.2 Results

In the first experiment the template is assumed to be totally correct for all bytes, i.e. the Hamming Weights of all bytes are known. The result is shown in Table 4.1 (without XOR-clause) and Table 4.2 (with XOR-clause). In fact, at the beginning the only unknown part of the experiment was the S-Box, not the round key; however, the CNFs can be solved with both the S-Box and the round key unknown. The least number of traces needed is 3, but as the tables show, there is a trade-off between the solving time and the number of traces: the more traces, the more information is contained, so that the variables leading to a conflict can be removed sooner. Note that the solving time reported is the median, since the median is more representative given the large variance of solving times.

Besides, solving with XOR-clauses is faster than without XOR-clauses, and the numbers of literals and clauses are also smaller. We have discussed the reason in Chapter 3. This result shows that CryptoMiniSat is really good at dealing with XOR-clauses, as its author states.

Table 4.1: Result: Without Error Tolerance (No XOR-clause)

#Trace  #Literal  #Clause   Solving Time (Median)
3       17,331    235,211   545 sec
4       24,203    333,036   140 sec
5       30,366    416,701    34 sec

Table 4.2: Result: Without Error Tolerance (XOR-clause)

#Trace  #Literal  #Clause   Solving Time (Median)
3        7,104     37,784   423 sec
4        9,408     50,437    21 sec
5       11,712     63,007    13 sec

To make the algebraic SCA successful in the presence of errors, some modifications are indispensable. The details are described in Section 3.4. It is undoubted that more traces are needed to make the solution of the SAT problem unique, and the size of the CNFs generated by the encoder certainly increases. Thus, it takes much more time to solve the equations. Table 4.3 shows the results with 1-HW error, i.e. the system allows the Hamming Weight given by the template to deviate from the real Hamming Weight by at most 1.
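To make concrete why a 1-HW tolerance needs more traces, here is an added example (not the thesis's encoder, whose Section 3.4 construction is not reproduced on this page) that encodes the window |HW(byte) - hw| <= tol over eight Boolean variables as plain CNF by forbidding every byte value outside the window, verifies the encoding by brute force over all 256 values, and counts how many byte values remain consistent with one template reading. The direct forbidden-value encoding and the variable ids 1..8 are assumptions of the example.

```python
def hamming_weight(value):
    """Number of set bits in an integer."""
    return bin(value).count("1")

def hw_window_clauses(bit_vars, hw, tol):
    """Direct CNF encoding of |HW(bits) - hw| <= tol, where bit i of the byte is the
    variable bit_vars[i]: one clause per byte value whose Hamming weight lies outside
    the window, built so that it is falsified by exactly that value."""
    n = len(bit_vars)
    clauses = []
    for value in range(1 << n):
        if abs(hamming_weight(value) - hw) > tol:
            bits = [(value >> i) & 1 for i in range(n)]
            clauses.append([v if b == 0 else -v for v, b in zip(bit_vars, bits)])
    return clauses

def cnf_accepts_value(clauses, bit_vars, value):
    """Evaluate the CNF on the assignment that encodes `value` in bit_vars."""
    assignment = {v: (value >> i) & 1 for i, v in enumerate(bit_vars)}
    return all(any(assignment[abs(lit)] == (1 if lit > 0 else 0) for lit in clause)
               for clause in clauses)

def candidate_count(hw, tol, n_bits=8):
    """Number of n-bit values still consistent with a template reading of hw +/- tol.
    With tol = 0 a reading of 4 leaves C(8,4) = 70 candidates; with tol = 1 it leaves
    C(8,3) + C(8,4) + C(8,5) = 182, which is why more traces are needed."""
    return sum(1 for v in range(1 << n_bits) if abs(hamming_weight(v) - hw) <= tol)

if __name__ == "__main__":
    # Constructed scenario: the template reports Hamming Weight 4 for one byte.
    BITS = list(range(1, 9))   # assumed variable ids for the 8 bits of the byte
    for tol in (0, 1):
        clauses = hw_window_clauses(BITS, 4, tol)
        print(f"tol={tol}: {len(clauses)} clauses, "
              f"{candidate_count(4, tol)} candidate byte values")
```

Each tolerance step widens the set of byte values a single reading admits, so the solver must draw the extra constraints from additional traces; the direct encoding used here is only for illustration, since a real encoder would use a compact cardinality encoding rather than one clause per forbidden value.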

Table 4.3: Result: With Error Tolerance (No XOR-clause)

#Trace  #Literal  #Clause     Solving Time (Median)  Success Rate
17      165,719   2,402,210   513 sec                 92%
18      177,340   2,568,688   568 sec                 98%
19      186,512   2,701,551   616 sec                 98%
20      196,341   2,851,993   600 sec                 98%
21      203,488   2,948,686   578 sec                100%
22      214,972   3,113,149   555 sec                100%

Table 4.4: Result: With Error Tolerance (XOR-clause)

#Trace  #Literal  #Clause   Solving Time (Median)  Success Rate
17      39,360    192,490   175 sec                 96%
18      41,664    203,769   169 sec                 90%
19      43,968    215,116   153 sec                 98%
20      46,272    226,445   156 sec                 98%
21      48,576    237,777   167 sec                100%
22      50,880    249,125   112 sec                100%


Chapter 5 Conclusion

In this work, an algebraic analysis combined with side-channel information is applied to solve the unknown S-Box problem. Based on Template Attacks and Algebraic Side-Channel Analysis, many equations corresponding to the operations of the cryptographic algorithm are constructed, and with an ANF-to-CNF converter the equations can then be solved by a SAT solver.

The target block cipher is Serpent, a finalist of the AES competition. The experimental results show that this method is successful once a good template is given. Moreover, the method can also tolerate errors up to a 1-HW error; that is, a template that gives a wrong Hamming Weight that is ±1 away from the correct Hamming Weight still works.

5.1 Future Works

A sound template is the basis of our analysis; thus an important task is to build a template on a real device. The technique of building a template is not difficult: for a device without any countermeasure against SCA, templates with a high success rate are expected to be achievable. But some experience is required for trace alignment, the choice of points of interest, and numerical problems.

This type of Side-Channel Analysis is suitable for countermeasures that aim at changing the round functions of block ciphers. In this work, we only deal with the unknown S-Box situation. However, a practical countermeasure may even replace other non-linear parts, so finding an efficient algebraic representation to write down the equations of other parts, for example including the key schedule, is another piece of future work. Finally, this method can also be applied to other block ciphers like AES. This is another challenge, since the S-Box in AES is 8 × 8.


Bibliography

[APSQ06] Cédric Archambeau, Eric Peeters, François-Xavier Standaert, and Jean-Jacques Quisquater. Template attacks in principal subspaces. In CHES, volume 4249 of Lecture Notes in Computer Science, pages 1–14. Springer, 2006.

[BAK98] Eli Biham, Ross J. Anderson, and Lars R. Knudsen. Serpent: A new block cipher proposal. In FSE, volume 1372 of Lecture Notes in Computer Science, pages 222–238. Springer, 1998.

[BCJ07] Gregory V. Bard, Nicolas Courtois, and Chris Jefferson. Efficient methods for conversion and solution of sparse systems of low-degree multivariate polynomials over GF(2) via SAT-solvers. IACR Cryptology ePrint Archive, 2007:24, 2007.

[BCO04] Eric Brier, Christophe Clavier, and Francis Olivier. Correlation power analysis with a leakage model. In CHES, volume 3156 of Lecture Notes in Computer Science, pages 16–29. Springer, 2004.

[BGK04] Johannes Blömer, Jorge Guajardo, and Volker Krummel. Provably secure masking of AES. In Selected Areas in Cryptography, volume 3357 of Lecture Notes in Computer Science, pages 69–83. Springer, 2004.

[CK13] Omar Choudary and Markus G. Kuhn. Efficient template attacks. In CARDIS, volume 8419 of Lecture Notes in Computer Science, pages 253–270. Springer, 2013.

[CRR02] Suresh Chari, Josyula R. Rao, and Pankaj Rohatgi. Template attacks. In CHES, volume 2523 of Lecture Notes in Computer Science, pages 13–28. Springer, 2002.

[Dev16] The Sage Developers. SageMath, the Sage Mathematics Software System (Version 7.1), 2016. http://www.sagemath.org.

[DPRS11] Julien Doget, Emmanuel Prouff, Matthieu Rivain, and François-Xavier Standaert. Univariate side channel attacks and leakage modeling. J. Cryptographic Engineering, 1(2):123–144, 2011.

[GBTP08] Benedikt Gierlichs, Lejla Batina, Pim Tuyls, and Bart Preneel. Mutual information analysis. In CHES, volume 5154 of Lecture Notes in Computer Science, pages 426–442. Springer, 2008.

[GSM+10] Sylvain Guilley, Laurent Sauvage, Julien Micolod, Denis Réal, and Frédéric Valette. Defeating any secret cryptography with SCARE attacks. In LATINCRYPT, volume 6212 of Lecture Notes in Computer Science, pages 273–293. Springer, 2010.

[HTM09] Neil Hanley, Michael Tunstall, and William P. Marnane. Unknown plaintext template attacks. In WISA, volume 5932 of Lecture Notes in Computer Science, pages 148–162. Springer, 2009.

[JCCC07] Ming-Haw Jing, Zih-Heng Chen, Jian-Hong Chen, and Yan-Haw Chen. Reconfigurable system for high-speed and diversified AES using FPGA. Microprocessors and Microsystems, 31(2):94–102, 2007.

[JPS05] Marc Joye, Pascal Paillier, and Berry Schoenmakers. On second-order differential power analysis. In CHES, volume 3659 of Lecture Notes in Computer Science, pages 293–308. Springer, 2005.

[KJJ99] Paul C. Kocher, Joshua Jaffe, and Benjamin Jun. Differential power analysis. In CRYPTO, volume 1666 of Lecture Notes in Computer Science, pages 388–397. Springer, 1999.

[MBZ+12] Mohamed Saied Emam Mohamed, Stanislav Bulygin, Michael Zohner, Annelie Heuser, and Michael Walter. Improved algebraic side-channel attack on AES. IACR Cryptology ePrint Archive, 2012:84, 2012.

[MOP07] Stefan Mangard, Elisabeth Oswald, and Thomas Popp. Power analysis attacks - revealing the secrets of smart cards. Springer, 2007.

[MPO05] Stefan Mangard, Norbert Pramstaller, and Elisabeth Oswald. Successfully attacking masked AES hardware implementations. In CHES, volume 3659 of Lecture Notes in Computer Science, pages 157–171. Springer, 2005.

[Nov03] Roman Novak. Side-channel attack on substitution blocks. In ACNS, volume 2846 of Lecture Notes in Computer Science, pages 307–318. Springer, 2003.

[NRR06] Svetla Nikova, Christian Rechberger, and Vincent Rijmen. Threshold implementations against side-channel attacks and glitches. In ICICS, volume 4307 of Lecture Notes in Computer Science, pages 529–545. Springer, 2006.

[RS05] A.G. Rostovtsev and O.V. Shemyakina. AES side channel attacks protection using random isomorphisms. Cryptology ePrint Archive, Report 2005/087, 2005. http://eprint.iacr.org/.

[RSV09] Mathieu Renauld, François-Xavier Standaert, and Nicolas Veyrat-Charvillon. Algebraic side-channel attacks on the AES: why time also matters in DPA. In CHES, volume 5747 of Lecture Notes in Computer Science, pages 97–111. Springer, 2009.

[SAT16] SAT competition web page, 2016. Available at http://www.satcompetition.org/.

[Soo16a] Mate Soos. CryptoMiniSat 5.0, 2016. Available at https://github.com/msoos/cryptominisat.

[Soo16b] Mate Soos. XOR clauses, 2016. Available at http://www.msoos.org/xor-clauses/.

[VMKS12] Nicolas Veyrat-Charvillon, Marcel Medwed, Stéphanie Kerckhof, and François-Xavier Standaert. Shuffling against side-channel attacks: A comprehensive study with cautionary note. In ASIACRYPT, volume 7658 of Lecture Notes in Computer Science, pages 740–757. Springer, 2012.

[Wik16a] Wikipedia. Advanced encryption standard process - Wikipedia, the free encyclopedia, 2016. [Online; accessed 7-July-2016].

[Wik16b] Wikipedia. Boolean satisfiability problem, 2016. [Online; accessed 7-July-2016].

[WSH+10] Mao-Yin Wang, Chih-Pin Su, Chia-Lung Horng, Cheng-Wen Wu, and Chih-Tsun Huang. Single- and multi-core configurable AES architectures for flexible security. IEEE Trans. VLSI Syst., 18(4):541–552, 2010.

