{"title":"Side-Channel Analysis of MAC-Keccak","authors":"Mostafa M. I. Taha, P. Schaumont","doi":"10.1109/HST.2013.6581577","DOIUrl":null,"url":null,"abstract":"NIST recently completed the SHA-3 competition with the selection of Keccak as the new standard for crypto-graphic hashing. In this paper, we present a comprehensive Side-Channel Analysis of Keccak, when it is used with a secret key to generate a Message Authentication Code (MAC) (MAC-Keccak). Our analysis covers all the variations of the algorithm. We show that the side-channel resistance of the MAC-Keccak depends on the key-length used, and we derive the optimum key-length as ((n * rate) - 1), where (n ∈ [2 : ∞]) and rate is the Keccak input block size. Finally, the paper demonstrates the feasibility of our side-channel analysis with a practical attack against MAC-Keccak implemented on a 32-bit Microblaze processor.","PeriodicalId":6337,"journal":{"name":"2013 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST)","volume":"92 9 1","pages":"125-130"},"PeriodicalIF":0.0000,"publicationDate":"2013-06-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"29","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/HST.2013.6581577","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 29
Abstract
NIST recently completed the SHA-3 competition with the selection of Keccak as the new standard for crypto-graphic hashing. In this paper, we present a comprehensive Side-Channel Analysis of Keccak, when it is used with a secret key to generate a Message Authentication Code (MAC) (MAC-Keccak). Our analysis covers all the variations of the algorithm. We show that the side-channel resistance of the MAC-Keccak depends on the key-length used, and we derive the optimum key-length as ((n * rate) - 1), where (n ∈ [2 : ∞]) and rate is the Keccak input block size. Finally, the paper demonstrates the feasibility of our side-channel analysis with a practical attack against MAC-Keccak implemented on a 32-bit Microblaze processor.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
