Side-Channel Analysis of Grostl and Skein
This paper provides a detailed study of two finalists of the SHA-3 competition from the side-channel analysis point of view. For both functions when used as a MAC, this paper presents detected strategies for performing a power analysis. Besides the classical HMAC mode, two additionally proposed constructions, the envelope MAC for Grostl and the Skein-MAC for Skein, are analyzed. Consequently, examples of software countermeasures thwarting first-order DPA or CPA are given. For the validation of the authors' choices, they implemented HMAC-Grostl, HMAC-Skein as well as countermeasures on a 32-bit ARM-based smart card. They also mounted power analysis attacks in practice on both unprotected and protected implementations.