Revealing the key of AES using side channel attacks and Implementing the countermeasure to secure the AES


2025-06-28 16:34:48 - Adil Khan

Project Title

Revealing the key of AES using side channel attacks and Implementing the countermeasure to secure the AES

Project Area of Specialization

Cyber Security

Project Summary

Side-channel attacks recover the encryption key of a cryptosystem through channels such as sound, timing, and power consumption, which were never intended to release such data. Power analysis is a branch of side-channel attacks in which power consumption data is used as the side channel to attack the system. First, using instruments such as an oscilloscope, power traces are gathered while the cryptographic device performs the cryptographic operation. Then techniques such as Correlation Power Analysis (CPA) are used to determine the encryption key of the system. Because they make it possible to break the Advanced Encryption Standard (AES) in very little time, power analysis attacks have become a genuine security issue for cryptographic devices. Our project is divided into two phases: an attack phase and a defend phase.

In the first phase, we attack AES by analyzing the power consumption of the device. For this purpose, we first build a test-bed that helps us in the power analysis of the cryptographic device. Second, we implement the AES algorithm on the cryptographic device, an FPGA (ZYNQ 7020), and check the encryption process. After successful implementation of AES, we analyze the power traces of the FPGA during the encryption process and attack the device with Correlation Power Analysis to reveal the key for data recovery for the third party.

After successfully breaking the encryption key, the next phase of the project begins: implementing countermeasures to secure the cryptographic device against side-channel attacks. After getting acquainted with the present state of the art, we select a couple of already published countermeasures and attack them on our test-bed to perform the same analysis. In the meantime, we also attempt to design our own countermeasures and to improve existing ones. These countermeasures may be both hardware- and software-based. For hardware-based countermeasures, we will test power line filters and try to make them effective with some changes. For software-based countermeasures, we will check the vulnerability of the random instruction injection and random S-box shuffling countermeasures and try to make them more effective.

Project Objectives

The main objectives of our project are as follows.

1. The first objective of our project is the modification of the FPGA test-bed (ZYBO Z7-20) for power-analysis-based side-channel attacks.

• The objective of the modification is to help us in the power analysis of devices. It also helps future researchers who are interested in countermeasures by saving them the time and difficulty of setting up a test-bed.

2. The second objective is to perform cryptanalysis on an encryption algorithm called the Advanced Encryption Standard (AES).

• AES is currently used worldwide for wireless encryption, processor security, SSL/TLS and many other security processes.

3. After cryptanalysis of AES, our next objective is the implementation of the encryption algorithm, i.e. AES, on the FPGA.

4. The next objective is to check whether AES is vulnerable to a power analysis attack.

• After checking the vulnerability of AES, Correlation Power Analysis (CPA) attacks are carried out on AES to recover the key.

5. Finally, we analyze both hardware- and software-based countermeasures and design the selected one, which appears to take an infeasible amount of time to attack.

Project Implementation Method

Our project started with the implementation of the AES algorithm on the cryptographic device, an FPGA (ZYNQ 7020). For the implementation of AES, we first design an integer block for the FPGA and then design an SoC for serial communication with the FPGA. After these steps, we write the encryption and decryption code for AES-128 in Verilog in Xilinx Vivado. Following this, the constraint file is designed for our device according to our code, to bring hardware and software together. Finally, we integrate the whole process so that data forwarded to the device over serial communication is encrypted successfully.

During the data encryption process, we analyze the power traces of the FPGA using an oscilloscope. For the analysis, oscilloscope probes are placed on the test-bed, connected to the power and ground pins of the processor. During the encryption process, the power utilization of the device increases, and we obtain the peak power values of the samples. We know that one byte of data takes 10 rounds for encryption. From this information, we observe ten cycles for each byte of data, and in this way we calculate the number of cycles we observe on the oscilloscope. After taking the power samples, we implement the CPA algorithm to discover the encryption key. After getting the key, we apply it to the encrypted data for decryption.

After successfully attacking the AES algorithm, we implement countermeasures to secure it. For this purpose, we design a filter for the power line that removes the noise causing the spikes in the power line, since those spikes help in the analysis of the device's power. Similarly, we will also work on the software-based countermeasures and try to make them safer. After implementing these countermeasures, we will attack AES again in the same manner and check whether it is still vulnerable.
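The attack-then-re-attack evaluation described above can be rehearsed on simulated data before touching the test-bed. The following is an added example, not code from the project: it assumes a Hamming-weight leakage model with Gaussian noise, one power sample per encryption, a constructed key byte `0x2B`, and models the S-box shuffling countermeasure as the targeted S-box landing on the observed sample 1 time in 16.

```python
import random

def make_sbox():
    """Generate the AES S-box (GF(2^8) inverse followed by the affine map)."""
    rotl = lambda v, n: ((v << n) | (v >> (8 - n))) & 0xFF
    sbox, p, q = [0] * 256, 1, 1
    for _ in range(255):                     # 3 generates all 255 non-zero elements
        p = p ^ ((p << 1) & 0xFF) ^ (0x1B if p & 0x80 else 0)   # p *= 3
        for s in (1, 2, 4):                                       # q /= 3
            q ^= (q << s) & 0xFF
        q ^= 0x09 if q & 0x80 else 0
        sbox[p] = q ^ rotl(q, 1) ^ rotl(q, 2) ^ rotl(q, 3) ^ rotl(q, 4) ^ 0x63
    sbox[0] = 0x63                           # zero has no inverse
    return sbox

SBOX = make_sbox()
HW = [bin(v).count("1") for v in range(256)]   # Hamming weight lookup

def simulate(key_byte, n, rng, shuffled=False, noise=1.0):
    """Constructed traces (assumed model): sample = HW(SBOX[pt ^ key]) + noise."""
    pts, samples = [], []
    for _ in range(n):
        pt = rng.randrange(256)
        # With shuffling, the targeted S-box lands on this sample 1 time in 16;
        # otherwise an unrelated state byte is being processed at that instant.
        hit = not shuffled or rng.randrange(16) == 0
        value = SBOX[pt ^ key_byte] if hit else rng.randrange(256)
        pts.append(pt)
        samples.append(HW[value] + rng.gauss(0, noise))
    return pts, samples

def pearson(xs, ys):
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    return cov / (vx * vy) ** 0.5

def cpa(pts, samples):
    """|correlation| between the samples and the HW model, for every key guess."""
    return [abs(pearson([HW[SBOX[pt ^ g]] for pt in pts], samples)) for g in range(256)]

def evaluate(key_byte=0x2B, n=500, seed=1):
    """Return (best guess unprotected, r for true key unprotected, r shuffled)."""
    rng = random.Random(seed)
    plain = cpa(*simulate(key_byte, n, rng))
    shuf = cpa(*simulate(key_byte, n, rng, shuffled=True))
    return max(range(256), key=plain.__getitem__), plain[key_byte], shuf[key_byte]
```

In this model the correlation for the true key byte drops sharply once shuffling is enabled, which raises the number of traces needed rather than removing the leak; the same comparison on measured traces is how a countermeasure's benefit is quantified.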

Benefits of the Project

The AES algorithm was introduced by the American company (American National Institute of Standards and Technology) and is used to encrypt classified information. The strength of the cryptography depends on the length of the key, which can be varied for the AES versions (128, 192 and 256). For many years, AES has proved itself the most reliable and effective method of securing personal data or documents. Some major benefits of AES are as follows:

• We can implement the security algorithm in both hardware and software.

• It is the most secure known algorithm at that time due to its higher key length.

• As AES is a royalty-free algorithm, it is accessible to both the private and public sectors.

• Today, AES is used in multiple domains such as wireless communication, information classification, etc., due to its broad nature, unlike other encryption algorithms.

As discussed above, the AES algorithm is widely used for security analysis worldwide. This project is therefore very important, as the security of many companies depends on AES. If we successfully break the key, that is a cause for concern for these companies. Our aim is first to break this algorithm and then to work on its security. The most important part of our project is that we shape our own countermeasures so that this algorithm works securely in any environment. The algorithm is very secure in terms of keys because of the large AES key sizes (128, 192 and 256 bits). AES has round functions, and every round has 4 steps. AES-128 takes 10 rounds, AES-192 takes 12 rounds and AES-256 takes 14 rounds for generating the key. But its design is not well protected against side-channel attacks. So the main purpose of this project is to secure this cryptographic algorithm against these types of attacks.

Technical Details of Final Deliverable

Technically, the complexity level of this project is very high. On the software side, the first task is to implement the AES algorithm, which is problematic in its implementation. After this implementation, the UART communication, in which data is sent serially, is another technical challenge, as we have a limited number of registers for transmission. For this purpose, we design an SoC which writes the data to 32-bit registers [8]; the AES algorithm in Xilinx picks up the data from these registers in sequence and, after encryption, the result is received by the serial monitor in the same manner.

On the hardware side, the first problem we faced is capturing the power traces of the device. For this purpose, we have designed a test-bed which connects to the power line of the cryptographic device. This makes it easy to analyse the power traces of the device during operation. The last difficulty that we will face is the implementation of a filter on the power line of the device so that it eliminates the noise that appears at the peak. Technically modifying the device is always the difficult portion of the project.

Final Deliverable of the Project

Software System

Core Industry

Security

Other Industries

Core Technology

Internet of Things (IoT)

Other Technologies

Sustainable Development Goals

Industry, Innovation and Infrastructure

Required Resources

| Item Name | Type | No. of Units | Per Unit Cost (in Rs) | Total (in Rs) |
|---|---|---|---|---|
| FPGA | Equipment | 1 | 70000 | 70000 |
| Test-Bed | Miscellaneous | 1 | 3000 | 3000 |
| Case | Miscellaneous | 1 | 2000 | 2000 |
| Travelling Cost | Miscellaneous | 1 | 2000 | 2000 |
| Total (in Rs) | | | | 77000 |
