Side-Channel Power Analysis of XTS-AES

Chao Luo^1,a, Yunsi Fei^1,b and A. Adam Ding^2
1Department of Electrical & Computer Engineering, Northeastern University, Boston, MA 02115, USA.
^aluochao@ece.neu.edu
^byfei@ece.neu.edu
²Department of Mathematics, Northeastern University, Boston, MA 02115, USA.
a.ding@neu.edu

ABSTRACT

XTS-AES is an advanced mode of AES for data protection of sector-based devices. Compared to other AES modes, it features two secret keys instead of one, and an additional tweak for each data block. These characteristics make the mode not only resistant against cryptoanalysis attacks, but also more challenging for side-channel attack. In this paper, we propose two attack methods on XTS-AES overcoming these challenges. In the first attack, we analyze side-channel leakage of the particular modular multiplication in XTS-AES mode. In the second one, we utilize the relationship between two consecutive block tweaks and propose a method to work around the masking of ciphertext by the tweak. These attacks are verified on an FPGA implementation of XTS-AES. The results show that XTS-AES is susceptible to side-channel power analysis attacks, and therefore dedicated protections are required for security of XTS-AES in storage devices.

---

Full Text (PDF)

© 2017 EDAA. All rights reserved.