Recovering the CTR_DRBG state in 256 traces

Recovering the CTR_DRBG state in 256 traces

The NIST CTR_DRBG specification prescribes a maximum size on each random number request, limiting the number of encryptions in CTR mode with the same key to 4 096. Jaffe’s attack on AES in CTR mode without knowledge of the nonce from CHES 2007 requires 216 traces, which is safely above this recomme...

Full description

Bibliographic Details
Main Author: Lauren De Meyer
Format: Article
Language:English
Published: Ruhr-Universität Bochum 2019-11-01
Series:Transactions on Cryptographic Hardware and Embedded Systems
Subjects:
DPA
SCA
CPA
AES
CTR
PRNG
Online Access:https://tches.iacr.org/index.php/TCHES/article/view/8392

Internet

https://tches.iacr.org/index.php/TCHES/article/view/8392

Similar Items