Evaluating AES Security: Correlation Power Analysis Attack Implementation using the Switching Distance Power Model
Received: 26 November 2024 | Revised: 21 December 2024 | Accepted: 6 January 2025 | Online: 2 February 2025
Corresponding author: Hassen Mestiri
Abstract
Cryptographic circuits play a critical role in safeguarding confidential information and ensuring secure communication, contributing to the resilience of digital infrastructure under SDG 9 (Industry, Innovation, and Infrastructure). These circuits store encryption keys for the Advanced Encryption Standard (AES) algorithm, including AES-128, AES-192, and AES-256, which are widely used in applications such as online banking and secure messaging platforms. This paper examines the effectiveness of Correlation Power Analysis (CPA), a side-channel attack technique that exploits power consumption patterns in cryptographic circuits, to highlight the challenges of implementing secure encryption systems. The study illustrates the CPA attack procedure against AES implemented on the SASEBO-GII FPGA platform. Experimental results reveal that while the CPA attack based on the Hamming Weight (HW) power consumption model fails to extract the encryption key, the Switching Distance (SD) power consumption model successfully recovers the entire key with a 100% success rate using approximately 4000 power traces. These findings underscore the vulnerability of cryptographic circuits to advanced side-channel attacks and emphasize the need for robust countermeasures to ensure secure data protection, thereby advancing secure and sustainable digital environments under SDG 11 (Sustainable Cities and Communities).
Keywords:
cryptographic circuits, power consumption model, switching distance, CPA attack
License
Copyright (c) 2025 Hassen Mestiri

This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors who publish with this journal agree to the following terms:
- Authors retain the copyright and grant the journal the right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) after its publication in ETASR with an acknowledgement of its initial publication in this journal.