Transparent Peer Review By Scholar9

Internal and External Re-keying and the way forward

Abstract

Side Channel Analysis are the security attacks due to the issues in the implementations. This attack bypasses the mathematical security provided by the cryptographic algorithms. These attacks are broadly categorized into the issues related to architectural of the chip manufacturing, attack due to unwanted leakages like power leakage, acoustic leakage, thermal leakage or electromagnetic leakages, and the issues due to programming vulnerabilities for example the heartbleed bug etc. The architectural related issues are fixed when the newer version of hardware is designed once the vulnerability is found in the earlier version. The programming related attacks are solved by patching the software and updating the code that caused the vulnerability to be exploited. The leakage issues are the ongoing issues since it was first discovered in 1997. Among the various leakage issues, the acoustic and thermal leakages aids in the attack related to power analysis. The Electromagnetic attack boils down to the power analysis issue and hence, it all comes down to the power analysis attack. Since it was discovered, the researchers have suggested the solutions for them but on the other side, they would also be vulnerable again. The Power analysis attacks are mainly classified into Simple Power Analysis (SPA), Differential Power Analysis (DPA), Correlation Power Analysis (CPA), and profiled attacks. Their countermeasures are mainly masking and rekeying apart from architectural changes. The masking has been researched extensively and have been widely implemented countermeasure. However, it comes with a very big overhead. Therefore, the researchers started exploring the rekeying to counter them. Rekeying has been classified mainly into the internal and external rekeying both having its advantages and disadvantages. There is currently no literature available that discusses both in detail. This work surveys the work on both the approaches and suggest the way forward for the researchers of the re-keying.

Rajkumar Kyadasu Reviewer

Review Request Accepted

Rajkumar Kyadasu Reviewer
16 Apr 2025 01:12 PM

Approved Rating

Relevance and Originality

Methodology

Validity & Reliability

Clarity and Structure

Results and Analysis

Comment

Relevance and Originality:

The research article presents a timely and relevant exploration of side-channel analysis attacks, focusing on power analysis attacks and their countermeasures. Given the ongoing security challenges related to power leakage, this article contributes significantly to the field by surveying existing work on rekeying methods, which is an area that has not been extensively covered in previous literature. The originality lies in addressing the gap between the well-explored topic of masking and the less-documented rekeying approaches. This novel perspective opens up new avenues for future research, particularly in balancing the trade-offs of rekeying techniques. The problem tackled is crucial, as power analysis attacks remain a persistent issue in cryptographic security systems.

Methodology:

The methodology of the research appears sound, as the article takes a survey-based approach to explore both internal and external rekeying strategies in response to power analysis attacks. While no new empirical data is presented, the article is methodical in reviewing existing literature on the topic. The clear categorization of rekeying methods provides valuable insights into the strengths and weaknesses of each approach. However, the lack of original experimental data or case studies to support the claims might limit the depth of the analysis. Future work could benefit from a comparative study that evaluates the effectiveness of these methods in real-world applications, rather than relying solely on theoretical discussions.

Validity & Reliability:

The findings discussed in the research article seem robust in terms of summarizing the existing literature and the ongoing challenges related to side-channel attacks. By identifying both internal and external rekeying strategies, the article highlights the merits and limitations of each approach, providing a balanced view. However, since the article relies primarily on secondary sources, there is a risk that the reliability of the conclusions might be compromised by the quality of the reviewed studies. More empirical evidence or case study analysis would strengthen the validity of the arguments, particularly in evaluating the practical applicability of the proposed solutions.

Clarity and Structure:

The article is well-organized and flows logically from one section to the next. The introduction clearly sets up the problem, and the subsequent sections follow a clear structure, starting with the description of the various side-channel attacks and moving on to the discussion of countermeasures, particularly focusing on rekeying. The language is generally clear, and the argumentation is coherent. However, the technical nature of the content may make it difficult for readers without a background in cryptography or side-channel analysis to fully grasp some of the detailed discussions. Providing more intuitive explanations or visual aids could enhance accessibility for a broader audience.

Result Analysis:

The analysis of the current countermeasures to power analysis attacks, particularly focusing on rekeying strategies, is comprehensive. The comparison between internal and external rekeying methods is insightful, shedding light on their respective advantages and challenges. The article emphasizes that while masking has been widely adopted, its overhead is significant, and rekeying may provide a more efficient solution. However, the lack of direct experimental results or quantitative analysis of the effectiveness of these methods leaves some questions unanswered. The conclusions drawn from the reviewed literature are plausible, but additional data would provide a stronger foundation for the proposed recommendations.