Differential Power Analysis of HMAC SHA-2 in the Hamming Weight Model
International audience As any algorithm manipulating secret data, HMAC is potentially vulnerable to side channel attacks. In 2007, McEvoy et al. proposed a differential power analysis attack against HMAC instantiated with hash functions from the SHA-2 family. Their attack works in the Hamming distan...
Main Authors: | , , , , |
---|---|
Other Authors: | , , , , , , , , , |
Format: | Conference Object |
Language: | English |
Published: |
HAL CCSD
2013
|
Subjects: | |
Online Access: | https://hal.inria.fr/hal-00872410 https://hal.inria.fr/hal-00872410/document https://hal.inria.fr/hal-00872410/file/articleHMAC.pdf |
Summary: | International audience As any algorithm manipulating secret data, HMAC is potentially vulnerable to side channel attacks. In 2007, McEvoy et al. proposed a differential power analysis attack against HMAC instantiated with hash functions from the SHA-2 family. Their attack works in the Hamming distance leakage model and makes strong assumptions on the target implementation. In this paper, we present an attack on HMAC SHA-2 in the Hamming weight leakage model, which advantageously can be used when no information is available on the targeted implementation. Furthermore, our attack can be adapted to the Hamming distance model with weaker assumptions on the implementation. We show the feasibility of our attack on simulations, and we study its overall cost and success rate. We also provide an evaluation of the performance overhead induced by the countermeasures necessary to avoid the attack. |
---|