Abstract | Keywords | Export | Availability | Bookmark

Choose an application

• Reference Manager
• EndNote
• RefWorks (Direct export to RefWorks)

Due to recent developments in embedded device technology, it became apparent that a new cryptographic protocols where required which are suited to small, constrained devices operating in large interconnected communication networks where the bulk of message payloads only encompass few bytes. The field of lightweight cryptography set out to design new primitives which better suit this class of devices compared to the more heavyweight current standards and in 2018, the U.S. based NIST agency issued the start of a new standardization process within this context. In the light of this competition, a new cryptographic scheme called ForkAE was presented which implements a new procedure called forking. This thesis evaluates software implementations of ForkSkinny - the underlying primitive of ForkAE - in the context of power analysis attacks, a class of side-channel analysis which uses measurements of instantaneous power consumption to extract sensitive information from a target device. To this end, specific power analysis attack are devised and applied to the basic version of the cipher in order to asses vulnerability to these type of attacks. The effect of the forking procedure is analysed and it is shown that this procedure can aid attackers in extracting information more easily. In order to protect against power analysis, the masking countermeasure is deployed after a thorough discussion of the different methods and algorithms that this class of countermeasures encompasses. Software implementations for different masking orders, which use masked look-up tables in order to evaluate the non-linear S-box of the ForkSkinny round function, are presented and analyzed on a 32-bit architecture ARM Cortex-M4 platform. Lastly, the first and second order masked software implementations are subjected to leakage asssesment tests to analyze the resistance they provide against power analysis. ARM Assembly optimizations, following a programming methodology which aims to further minimize the leakage of information through the power side-channel, are then presented and these improved implementations are also subjected to the leakage tests. These optimized functions are shown to further limit the leakage, albeit at a loss in terms of performance.