Presented at COSADE 2021 conference

First Full-Fledged
Side Channel Attack
on HMAC-SHA-2

FortifyIQ presents a novel practical template attack on HMAC-SHA-2
intended primarily against its implementations in hardware.

Thank You!

Mail icon
START READING

Side-channel attacks pose a threat to cryptographic algorithms. HMAC is an important use case of a hash function, in which the input is partially secret and thus unknown to the attacker. Despite a few publications that discuss applications of power analysis techniques to attack HMAC-SHA-2, no generic method that shows a full attack on its hardware implementation has been proposed so far.

FortifyIQ details what is believed to be the first practical attack of this type on a true hardware implementation. All the stages of the attack are discussed, and validated experimentally, demonstrating a full attack implementation up to the discovery of the key derivatives that allow for forging HMAC signatures.

300 Washington Street, Suite 850, Newton, MA 02458 USA