Abstract
A recent branch of cryptography focuses on the physical constraints that a real-life cryptographic device must face, and attempts to exploit these constraints (running time, power consumption, and so on) to expose the device's secrets. This gave birth to implementation-specific attacks, which often turn out to be far more efficient than the best known cryptanalytic attacks against the underlying primitive considered as an idealized object. This paper provides a tutorial on the subject, surveying the main kinds of attacks and highlighting their underlying principles.
References
NSA TEMPEST series. Available at http://cryptome.org/#NSA–TS
Agrawal, D., Archambeault, B., Rao, J.R., Rohatgi, P.: The EM side channel. In: Kaliski, et al. (eds.) [38]
Agrawal, D., Rao, J.R., Rohatgi, P.: Multi-channel attacks. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 2–16. Springer, Heidelberg (2003)
Akkar, M.-L., Giraud, C.: An implementation of DES and AES, secure against some attacks. In: Koç, Ç.K., et al. (eds.) [16]
Anderson, R., Kuhn, M.: Tamper resistance – a cautionary note. In: Proc. of the second USENIX workshop on electronic commerce, Oakland, California, November 18-21, pp. 1–11 (1996)
Anderson, R., Kuhn, M.: Low cost attacks on tamper resistant devices. In: Christianson, B., Lomas, M. (eds.) Security Protocols 1997. LNCS, vol. 1361, pp. 125–136. Springer, Heidelberg (1998)
Anderson, R.J.: Security engineering. Wiley & Sons, New York (2001)
Bernstein, D.J.: Cache-timing attacks on AES (November 2004). Available at http://cr.yp.to/antiforgery/cachetiming-20050414.pdf
Biham, E., Shamir, A.: Differential fault analysis of secret key cryptosystems. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 513–525. Springer, Heidelberg (1997)
Blömer, J., Seifert, J.P.: Fault based cryptanalysis of the advanced encryption standard (AES). Cryptology ePrint Archive, Report 2002/075. Available at http://eprint.iacr.org
Boneh, D. (ed.): CRYPTO 2003. LNCS, vol. 2729. Springer, Heidelberg (2003)
Boneh, D., DeMillo, R.A., Lipton, R.J.: On the importance of checking cryptographic protocols for faults. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 37–51. Springer, Heidelberg (1997)
Brier, E., Clavier, C., Olivier, F.: Correlation power analysis with a leakage model. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 16–29. Springer, Heidelberg (2004)
Brier, E., Handschuh, H., Tymen, C.: Fast primitives for internal data scrambling in tamper resistant hardware. In: Koç, Ç.K., et al. (eds.) [16], pp. 16–27
Canvel, B., Hiltgen, A., Vaudenay, S., Vuagnoux, M.: Password interception in a SSL/TLS channel. In: Boneh (ed.) [11]
Koç, Ç.K., Naccache, D., Paar, C. (eds.): CHES 2001. LNCS, vol. 2162. Springer, Heidelberg (2001)
Koç, Ç.K., Paar, C. (eds.): CHES 1999. LNCS, vol. 1717. Springer, Heidelberg (1999)
Paar, C., Koç, Ç.K. (eds.): CHES 2000. LNCS, vol. 1965. Springer, Heidelberg (2000)
Chari, S., Jutla, C., Rao, J., Rohatgi, P.: Towards sound approaches to counteract power-analysis attacks. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, p. 398. Springer, Heidelberg (1999)
Chari, S., Rao, J.R., Rohatgi, P.: Template attacks. In: Kaliski, et al. (eds.) [38]
Chevallier-Mames, B., Ciet, M., Joye, M.: Low-cost solutions for preventing simple side-channel analysis: Side-channel atomicity. IEEE Transactions on Computers 53(6) (2004)
Clavier, C., Coron, J.S., Dabbous, N.: Differential power analysis in the presence of hardware countermeasures. In: Kaliski, et al. (eds.) [39]
Compton, K., Hauck, S.: Reconfigurable computing: A survey of systems and software. ACM Computing Surveys 34(2) (2002)
Coron, J.-S.: Resistance against differential power analysis for elliptic curves cryptosystems. In: Koç, Ç.K., Paar, C. (eds.) [17]
Dhem, J.-F., Koeune, F., Leroux, P.-A., Mestré, P., Quisquater, J.-J., Willems, J.-L.: A practical implementation of the timing attack. In: Schneier, B., Quisquater, J.-J. (eds.) CARDIS 1998. LNCS, vol. 1820, Springer, Heidelberg (2000)
Gandolfi, K., Mourtel, C., Olivier, F.: Electromagnetic analysis: Concrete results. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 251–261. Springer, Heidelberg (2001)
Golic, J.D.: DeKaRT: A new paradigm for key-dependent reversible circuits. In: Kaliski, et al. (eds.) [39], pp. 98–112
Goubin, L., Patarin, J.: DES and differential power analysis: the duplication method. In: Koç, Ç.K., Paar, C. (eds.) [17]
Gutmann, P.: Secure deletion of data from magnetic and solid-state memory. In: Proc. of 6th USENIX Security Symposium, pp. 77–89 (1997)
Gutmann, P.: Data remanence in semiconductor devices. In: Proc. of 7th USENIX Security Symposium (1998)
Handschuh, H., Paillier, P., Stern, J.: Probing attacks on tamper-resistant devices. In: Koç, Ç.K., Paar, C. (eds.) [17]
Ishai, Y., Sahai, A., Wagner, D.: Private circuits: Securing hardware against probing attacks. In: Boneh (ed.) [11]
Itoh, K., Yajima, J., Takenaka, M., Torii, N.: DPA countermeasures by improving the window method. In: Kaliski, B.S., et al. (eds.) [38]
Izu, T., Takagi, T.: Fast parallel elliptic curve multiplications resistant to side channel attacks. In: Naccache, D., Paillier, P. (eds.) PKC 2002. LNCS, vol. 2274, pp. 335–345. Springer, Heidelberg (2002)
Joshi, N., Wu, K., Karri, R.: Concurrent error detection schemes for involution ciphers. In: Koç, Ç.K., Paar, C. (eds.) [18], pp. 400–412
Joye, M., Quisquater, J.-J.: Hessian elliptic curves and side-channel attacks. In: Koç, Ç.K., et al. (eds.) [16]
Joye, M., Lenstra, A.K., Quisquater, J.-J.: Chinese remaindering based cryptosystems in the presence of faults. Journal of cryptology 12(4), 241–245 (1999)
Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.): CHES 2002. LNCS, vol. 2523. Springer, Heidelberg (2003)
Kaliski, B.S., Koç, Ç.K., Paar, C. (eds.): Cryptographic Hardware and Embedded Systems - CHES 2003. LNCS, vol. 2779. Springer, Heidelberg (September 2003)
Karpovsky, M., Kulikowski, K.J., Taubin, A.: Differential fault analysis attack resistant architectures for the advanced encryption standard. In: proceedings of CARDIS 2004 (2004)
Karri, R., Kuznetsov, G., Gössel, M.: Parity-based concurrent error detection of substitution-permutation network block ciphers. In: Kaliski, B.S., et al. (eds.) [39]
Kocher, P.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)
Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)
Kömmerling, O., Kuhn, M.G.: Design principles for tamper-resistant smartcard processors. In: Proc. of USENIX Workshop on Smartcard Technology (Smartcard 1999) (1999)
Mace, F., Standaert, F.-X., Hassoune, I., Legat, J.-D., Quisquater, J.-J.: A dynamic current mode logic to counteract power analysis attacks. In: proceedings of DCIS (2004)
Maher, D.P.: Fault induction attacks, tamper resistance, and hostile reverse engineering in perspective. In: Luby, M., Rolim, J.D.P., Serna, M. (eds.) FC 1997. LNCS, vol. 1318. Springer, Heidelberg (1997)
Mangard, S.: Hardware countermeasures against DPA - a statistical analysis of their effectiveness. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 222–235. Springer, Heidelberg (2004)
May, D., Muller, H., Smart, N.: Randomized register renaming to foil DPA. In: Koç, Ç.K., et al. (eds.) [16]
Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of applied cryptography. CRC Press, Boca Raton (1997)
Messerges, T.S., Dabbish, E.A., Sloan, R.H.: Investigations of power analysis attacks on smartcards. In: Proc. USENIX Workshop on Smartcard Technology (1999)
Messerges, T.S.: Using second-order power analysis to attack DPA resistant software. In: Koç, Ç.K., Paar, C. (eds.) [18]
Montgomery, P.L.: Modular multiplication without trial division. Mathematics of Computation 44(170), 519–521 (1985)
National Bureau of Standards, FIPS 197, Advanced Encryption Standard, Federal Information Processing Standard, NIST, U.S. Dept. of Commerce (November 2001)
National Bureau of Standards, FIPS PUB 46, The Data Encryption Standard, Federal Information Processing Standard, NIST, U.S. Dept. of Commerce (January 1977)
Ors, S.B., Gurkaynak, F., Oswald, E., Preneel, B.: Power-analysis attack on an ASIC AES implementation. In: proceedings of ITCC (2004)
Quisquater, J.-J., Samyde, D.: Eddy current for magnetic analysis with active sensor. In: Proc. of Esmart 2002 (2002)
Quisquater, J.-J., Koeune, F.: Side-channel attacks: state-of-the-art. CRYPTREC project deliverable (October 2002). Available at http://www.ipa.go.jp/security/enc/CRYPTREC/fy15/doc/1047_Side_Channel_report.pdf
Quisquater, J.-J., Samyde, D.: A new tool for non-intrusive analysis of smart cards based on electro-magnetic emissions: the SEMA and DEMA methods. Eurocrypt rump session (2000)
Quisquater, J.-J., Samyde, D.: Electromagnetic analysis (EMA): measures and countermeasures for smart cards. In: Attali, S., Jensen, T. (eds.) E-smart 2001. LNCS, vol. 2140, pp. 200–210. Springer, Heidelberg (2001)
Rankl, W., Effing, W.: Smart card handbook. John Wiley & Sons, Chichester (1997)
Rivest, R., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public key cryptosystems. Communications of the ACM 21(2), 120–126 (1978)
Schindler, W.: Optimized timing attacks against public key cryptosystems. Statistics & Decisions (2000) (to appear)
Schindler, W., Quisquater, J.-J., Koeune, F.: Improving divide and conquer attacks against cryptosystems by better error detection correction strategies. In: Honary, B. (ed.) Cryptography and Coding 2001. LNCS, vol. 2260, pp. 245–267. Springer, Heidelberg (2001)
Shamir, A.: How to check modular exponentiation. In: Presented at the rump session of EUROCRYPT 1997, Konstanz, Germany
Shamir, A.: Protecting smart cards from passive power analysis with detached power supplies. In: Koç, Ç.K., Paar, C. (eds.) [18]
Skorobogatov, S., Anderson, R.: Optical fault induction attacks. In: Kaliski, B.S., et al. (eds.) [38]
Standaert, F.-X., Ors, S.B., Preneel, B.: Power analysis of an FPGA implementation of Rijndael: is pipelining a DPA countermeasure? In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 30–44. Springer, Heidelberg (2004)
Standaert, F.-X., Ors, S.B., Quisquater, J.-J., Preneel, B.: Power analysis attacks against FPGA implementations of the DES. In: Becker, J., Platzner, M., Vernalde, S. (eds.) FPL 2004. LNCS, vol. 3203, pp. 84–94. Springer, Heidelberg (2004)
Bar-El, H., et al.: The sorcerer's apprentice guide to fault attacks. Tech. Report 2004/100, IACR ePrint archive (2004). Available at http://eprint.iacr.org
Tiri, K., Akmal, M., Verbauwhede, I.: A dynamic and differential CMOS logic with signal independent power consumption to withstand differential power analysis on smart cards. In: proceedings of ESSCIRC (2003)
Waddle, J., Wagner, D.: Towards efficient second-order power analysis. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 1–15. Springer, Heidelberg (2004)
Waddle, J.D., Wagner, D.A.: Fault attacks on dual-rail encoded systems, Tech report UCB//CSD-04-1347, UC Berkeley, August 23 (2004)
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
Cite this chapter
Koeune, F., Standaert, F.-X. (2005). A Tutorial on Physical Security and Side-Channel Attacks. In: Aldini, A., Gorrieri, R., Martinelli, F. (eds.) Foundations of Security Analysis and Design III. FOSAD 2004, FOSAD 2005. Lecture Notes in Computer Science, vol. 3655. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11554578_3
DOI: https://doi.org/10.1007/11554578_3
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-28955-5
Online ISBN: 978-3-540-31936-8