Journal of Cryptographic Engineering, Volume 3, Issue 1, pp 3–15

Simple photonic emission analysis of AES

  • Alexander Schlösser
  • Dmitry Nedospasov
  • Juliane Krämer
  • Susanna Orlic
  • Jean-Pierre Seifert
CHES 2012


This work presents a novel low-cost optoelectronic setup for time- and spatially resolved analysis of photonic emissions and a corresponding methodology, Simple Photonic Emission Analysis (SPEA). Observing the backside of ICs, the system captures extremely weak photo-emissions from switching transistors and relates them to code running in the chip. SPEA utilizes both spatial and temporal information about these emissions to perform side channel analysis of ICs. We successfully performed SPEA of a proof-of-concept AES implementation and were able to recover the full AES secret key by monitoring accesses to the S-Box. This attack directly exploits the side channel leakage of a single transistor and requires no additional data processing. The system costs and the necessary time for an attack are comparable to power analysis techniques. The presented approach significantly reduces the amount of effort required to perform attacks based on photonic emission analysis and allows AES key recovery in a relevant amount of time. We present practical results for the AVR ATMega328P and the AVR XMega128A1.


Photonic side channel · Side channel analysis · Emission analysis · Optical · Temporal and spatial analysis · AES · Full key recovery



The authors acknowledge support by the German Federal Ministry of Education and Research in the project PhotonDA through Grant number 01IS10029A and the Helmholtz Research School on Security Technologies. Also, the authors would like to thank our project partners at NXP Semiconductors Germany for their insight and cooperation, the Semiconductor Devices research group at TU Berlin for sample preparation and our colleagues Enrico Dietz, Sven Frohmann, Collin Mulliner and Christoph Bayer for helpful discussions and feedback.



Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Alexander Schlösser (1)
  • Dmitry Nedospasov (2)
  • Juliane Krämer (2)
  • Susanna Orlic (1)
  • Jean-Pierre Seifert (2)

  1. Optical Technologies, Institute of Optics and Atomic Physics, Technische Universität Berlin, Berlin, Germany
  2. Department of Software Engineering and Theoretical Computer Science, Security in Telecommunications, Technische Universität Berlin, Berlin, Germany
