NIST recently completed the SHA-3 competition with the selection of Keccak as the new standard for crypto-graphic hashing. In this paper, we present a comprehensive Side-Channel Analysis of Keccak, when it is used with a secret key to generate a Message Authentication Code (MAC) (MAC-Keccak). Our analysis covers all the variations of the algorithm. We show that the side-channel resistance of the MAC-Keccak depends on the key-length used, and we derive the optimum key-length as ((n * rate) − 1), where (n ∈ [2 : ∞]) and rate is the Keccak input block size. Finally, the paper demonstrates the feasibility of our side-channel analysis with a practical attack against MAC-Keccak implemented on a 32-bit Microblaze processor.
展开▼