Abstract
Design for security not only involves the design of security functions which meet price, performance, power, and other constraints, but also resistance to attacks. An attack may be successful in extracting the secret key solely from the side channel signals recorded from a device executing a cryptographic algorithm. In many cases the plaintext of an encryption algorithm additionally may be required by the attacker (known plaintext attack) or may have to be controlled by the attacker (chosen plaintext attack). In some cases the knowledge of the ciphertext (ciphertext attack) along with the side channel signals may be sufficient for an attack. This chapter will introduce the side channel attack and the following chapter will discuss resistance techniques.
I think we’re about to start seeing it on smartphones… These attacks are not theoretical
(Mills 2009)
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
–2 (2001) ISO/IEC Identification cards – Contactless integrated circuit(s) cards – Proximity cards – Part 2: Radio frequency power and signal interface
Agrawal D et al (2001) The EM side-channel…methodologies. Available At http://www.research.ibm.com/intsec/emf.html
Agrawal D et al (2002) The EM side-channel(s). In: Proceedings of CHES 2002, LNCS 2523, Springer, New York, pp 29–45
Agrawal D et al (2003a) Advances in side-channel cryptanalysis EM analysis and template attacks. In: RSA cryptobytes, Vol 6, No 1, Spring 2003, 20–32
Agrawal D et al (2003b) Power, EM and all that: is your crypto device really secure? Presentation at the 7th workshop on Elliptic Curve Cryptography (ECC 2003), Waterloo, Ontario, August 2003. Available At http://www.cacr.math.uwaterloo.ca/conferences/2003/ecc2003/rohatgi.ppt
Agrawal D et al (2003c) Multi-channel attacks. CHES 2003, LNCS 2779, Springer, Berlin Heidelberg, pp 2–16
Berkes J (2008) Side-channel monitoring of contactless Java cards, MASc Thesis, Department of Electrical and Computer Engineering, University of Waterloo
Brier et al (2004) Correlation power analysis with a leakage model. CHES 2004, LNCS 3156: 16–29
Brightsight (2009) Poster discussion at CHES 2009, http://www.brightsight.com
Carlier et al (2004) Electromagnetic side channels of an FPGA implementation of AES. IACR 145, http://eprint.iacr.org/2004/145.pdf
Carsten B (1998) Sniffer probe locates sources of EMI; EDN magazine, June 4, 1998
Chari S et al (2002) Template attacks. CHES2002, LNCS2523, 13–29
Chen X (2004) Simple power analysis threat in embedded devices, MASc Thesis, Department of Electrical and Computer Engineering, University of Waterloo
De Mulder E et al (2005) Electromagnetic analysis attack on an FPGA implementation of an elliptic curve cryptosystem. In: Proceedings of the IEEE international conference on computer as a tool (EUROCON), 1879–1882
Eisenbarth T et al (2008) Physical Cryptanalysis of KEELOQ code hopping applications, http://eprint.iacr.org/2008/058.pdf
Electro-Metrics Inc., Instruction Manual: Near Field Probe Set Broadband Response Model EM-6992, 2004
Fahn PN, Pearson PK (1999) IPA: a new class of power attacks, CHES 1999, LNCS 1717:173–186
Fischer W, Gammel BM, Kniffer O, Velten J (2007) Differential power analysis of stream ciphers, CT-RSA 2007, LNCS 4377, Springer, Berlin Heidelberg, pp 257–270
Gandolfi K et al (2001) Electromagnetic analysis: concrete results. In: Proceedings of CHES, LNCS 2162, Springer, New York, pp 251–261
Gebotys C, Gebotys R (2002) Secure Elliptic Curve Implementations: An Analysis of Resistance to Power Attacks in a DSP processor, Proceedings of CHES 2002, pp 98–113
Gebotys C, White BA (2008a) EM analysis of a wireless Java-based PDA, ACM transactions on embedded computing systems, Vol 7, No 4, Article 44, pp 1–28
Gebotys C (2004) Design of secure cryptography against the threat of power-attacks in DSP embedded processors, ACM Trans Embed Comput syst 3(1):92–113
Gebotys C (2006) A split-mask countermeasure for low-energy secure embedded systems, ACM Trans on Embedded Computing systems 5(3):577–612
Gebotys C, Ho S, Tiu CC (2005) EM analysis of Rijndael an ECC on a wireless java-based PDA, CHES 2005, LNCS 3659 GmbH, pp 250–265
Gebotys C, White BA (2008b) EM alignment using phase for secure embedded systems. Des Autom Embed Syst, Springer, Netherlands, 12(3):185–206
Gerke D, Kimmel B (2002) EDN designers guide to electromagnetic compatibility. Newnes, Oxford
Gierlichs et al (2008) Mutual information analysis – a generic side-channel distinguisher, CHES 2008, LNCS 5154, pp 426–442
Gladman B (2003) A specification for AES, the AES algorithm. Available At fp.gladman.plus.com/cryptography.technology/AES/aes.spec.311.pdf, 18–19
Ho S (2005) EM Analysis of ECC Computations on Mobile Devices, MASc Thesis, Dept of Elec and Comp Engineering, University of Waterloo, Waterloo ON, Canada
Homma N et al (2006) High-resolution side-channel attack using phase-based waveform matching. LNCS CHES 2006 187–200
Itoh K, Takenawa M, Torii N (2002) DPA countermeasure based on the masking method. In: Proceedings of ICISC 2001, LNCS 2288, Springer, New York, pp 440–456
Kizhvatov I (2009) Side channel analysis of AVR XMEGA Crypto Engine, ACM proceedings of Workshop on Embedded Systems Security (WESS), 2009
Kocher P (1996) Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. LNCS 1109, Springer, New York, pp 104–113
Kocher P, Jaffe J, JunN B (1999) Differential power analysis. In: CRYPTO’99, Springer:388–397 (see also announcement in 1998 Introduction to DPA and related attcks http://www.cryptography.com/resources/whitepapers/DPA.pdf
Lemke et al (2004) DPA on n-bit sized boolean and arithmetic operations and its application to IDEA, RC6 and the HMAC construction. CHES2004, LNCS 3156, pp 1611–3349
Mangard S, Oswald E, Popp T (2007) Power analysis attacks – revealing the secrets of smartcards, Springer, New York
Mangard S (2003) Attacks on cryptographic ICs based on radiated emissions. In: Ostermann L (ed) Proceedings of austrochip 2003, 13–16
Messerges T et al (1999) Investigations of power analysis attacks on smartcards, proc of USENIX workshop on smartcard technology
Mills E (2009) Quote by B Jun in “Leaking crypto keys from mobile devices”, CNET news, http://news.cnet.com/8301-27080_3-10379115-245.html
Oren Y, Shamir A (2006) Power analysis of RFID tags. Available At http://www.wisdom.weizmann.ac.il/~yossio/rfid
Philips/NXP Semiconductors. (2003) P8RF5016 – Secure Dual Interface Smart Card IC (Short Form Specification) Revision 1.4
Quisquater J-J et al (2000) A new tool for non-intrusive analysis of smartcards based on EM emissions. In Rump Session, Eurocrypt
Rao JR, Rohatgi P, Scherzer H, Tinguely S (2002) Partitioning attacks: or how to rapidly clone some GSM cards. IEEE Symp Secur Priv:31–41
Riscure (2009) Poster discussion at CHES 2009, http://www.riscure.com
Shamir A (2009) How Cryptosystems Are Really Broken. CS Distinguished Lecture presented at the University of Waterloo, October 2009
Side channel lounge http://www.crypto.ruhr-uni-bochum.de/en_sclounge.html
Standaert FX, Örs SB, Preneel B (2004) Power analysis of an FPGA: implementation of rijndael: is pipelining a DPA countermeasure? CHES 2004, Springer, 2004, LNCS, 3156, 30–44
Star*core (2000) SC140 DSP core reference manual (MNSC140CORE), Rev.1, 6/2000
Sylvester et al (1999) BACPAC – Berkeley Advanced Chip Performance Calculator, http://www.eecs.umich.edu/~dennis/bacpac/bacpac_models.html
Tromer E (2004) Hardware-based cryptanalysis. PhD Dissertation, A. Shamir Advisor, http://people.csail.mit.edu/tromer/phd-dissertation/
Tektronix Inc. (2003) User Manual: Digital Phosphor Oscilloscopes TDS7254
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
Copyright information
© 2010 Springer Science+Business Media, LLC
About this chapter
Cite this chapter
Gebotys, C.H. (2010). Side Channel Attacks on the Embedded System. In: Security in Embedded Devices. Embedded Systems. Springer, Boston, MA. https://doi.org/10.1007/978-1-4419-1530-6_8
Download citation
DOI: https://doi.org/10.1007/978-1-4419-1530-6_8
Published:
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4419-1529-0
Online ISBN: 978-1-4419-1530-6
eBook Packages: EngineeringEngineering (R0)