Side-channel attacks, countermeasures, and evaluations

From NUEESS

General

Side channel attack on a cryptographic system exploits the correlation between the physical leakage data and the targeted sensitive information, such the as secret key. There are several attack methods, and the power analysis attack is of our particular interest. Power analysis attack basically examines plenty of power consumption signals sampled during the cryptographic algorithm computation to retrieve the secret keys accordingly. The two most widely developed techniques for power analysis attacks are DPA (Differential Power Analysis) and CPA (Correlation Power Analysis).

Models

Both DPA and CPA shares a common assumption, which is, a cryptographic system will consume power when its output state changes. This assumption is reasonable, since most modern cryptographic systems are implemented based on semiconductor technology. Output state change means there are electrons charged to, or discharged from the semiconductor transistors, causing current flow and resulting in power consumption. This kind of output state change is also called transition. We will take DES (Data Encryption Standard) as an example to illustrate the DPA and CPA procedure.

The classical DPA on DES attacks 1 single bit of the transition from 15th round output {R15} and 16 round output {R16}, which is R15 XOR R16 as shown in the figure on the right.

Evaluations

Whos here now:   Members 0   Guests 0   Bots & Crawlers 1