Differential and Correlation Power Analysis Attacks on HMAC-Whirlpool

Author

Zhang, Fan ; Shi, Zhijie Jerry

Author_Institution

Dept. of Comput. Sci. & Eng., Univ. of Connecticut, Storrs, CT, USA

fYear

2011

fDate

11-13 April 2011

Firstpage

359

Lastpage

365

Abstract

In cryptography, a keyed-Hash Message Authentication Code (HMAC) is a type of message authentication code(MAC) calculated with a cryptographic hash function and a secret key. The security of the HMAC relies on the underlying hash function and the secret key. Whirlpool is a block cipher based hash algorithm that has been in public for about ten years. So far no effective attacks have been found on Whirlpool. As a result, HMAC with Whirlpool, i.e., HMAC-Whirlpool, is supposed to be secure. In this paper, we demonstrate that HMAC-Whirlpool is vulnerable to power analysis attacks. We designed two types of attacks: one is based on Differential Power Analysis (DPA) and the other on Correlation Power Analysis (CPA). We successfully launched the attacks at HMAC-Whirlpool running on an Atmel AVR processor. We also compared the attacks in terms of the number of power traces needed.

Keywords

cryptography; message authentication; microprocessor chips; Atmel AVR processor; HMAC-whirlpool; block cipher based hash algorithm; correlation power analysis attacks; cryptographic hash function; differential power analysis; keyed-hash message authentication code; secret key; Correlation; Cryptography; Data analysis; Hamming weight; Helium; Power demand; Power measurement; CPA; DPA; HMAC; Whirlpool;

fLanguage

English

Publisher

ieee

Conference_Titel

Information Technology: New Generations (ITNG), 2011 Eighth International Conference on

Conference_Location

Las Vegas, NV

Print_ISBN

978-1-61284-427-5

Electronic_ISBN

978-0-7695-4367-3

Type

conf

DOI

10.1109/ITNG.2011.70

Filename

5945261