Journal of Cryptographic Engineering

, Volume 5, Issue 1, pp 53–69 | Cite as

Synchronous sampling and clock recovery of internal oscillators for side channel analysis and fault injection

Regular Paper

Abstract

Measuring power consumption for side channel analysis typically uses an oscilloscope, which measures the data relative to an internal sample clock. By synchronizing the sampling clock to the clock of the target device, the sample rate requirements are considerably relaxed; the attack will succeed with a much lower sample rate. This work characterizes the performance of a synchronous sampling system attacking a modern microcontroller running a software AES implementation. This attack is characterized under four conditions: with a stable crystal oscillator-based clock, with a clock that is randomly varied between 3.9 and 13 MHz, with an internal oscillator that is randomly varied between 7.2 and 8.1 MHz, and with an internal oscillator that has slight random variation due to natural ‘drift’ in the oscillator. Traces captured with the synchronous sampling technique can be processed with a standard Differential Power Analysis style attack in all four cases, whereas when an oscilloscope is used only the stable oscillator setup is successful. This work also develops the hardware to recover the internal clock of a device which does not have an externally available clock. It is possible to implement this scheme in software only, allowing it to work with existing oscilloscope-based test environments. Performing the recovery in hardware allows the use of fault injection with excellent temporal stability relative to a sensitive event. This is demonstrated with a power glitch inserted into a microcontroller, where the glitch is triggered based on a signature in the measured power consumption.

Keywords

Side-channel analysis Acquisition Synchronization DPA Fault injection 

References

  1. 1.
    Atmel Corporation: ATmega48A DatasheetGoogle Scholar
  2. 2.
    Banerjee, D.: PLL performance simulation and design handbook, 4th edn. Texas Instruments, Dallas (2006)Google Scholar
  3. 3.
    Brier, E., Clavier, C., Olivier, F.: Correlation power analysis with a leakage model. Cryptographic Hardware and Embedded Systems—CHES 2004, Lecture Notes in Computer Science, vol. 3156, pp. 16–29. Springer, Berlin (2004)Google Scholar
  4. 4.
    Costas, J.: Synchronous communications. IRE Trans. Commun. Syst. 5(1), 99–105 (1957). doi:10.1109/TCOM.1957.1097490 CrossRefGoogle Scholar
  5. 5.
    Guilley, S., Khalfallah, K., Lomne, V., Danger, J.L.: Formal Framework for the Evaluation of Waveform Resynchronization Algorithms. In: Proceedings of the 5th IFIP WG 11.2 International Conference on Information Security Theory and Practice, WISTP’11, pp. 100–115. Springer, Berlin. URL http://dl.acm.org/citation.cfm?id=2017824.2017835 (2011)
  6. 6.
    Kafi, M., Guilley, S., Marcello, S., Naccache, D.: Deconvolving Protected Signals. In: International Conference on Availability, Reliability and Security, 2009. ARES ’09, pp. 687–694 (2009). doi:10.1109/ARES.2009.197
  7. 7.
    Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Advances in Cryptology—CRYPTO’ 99, pp. 388–397. Springer (1999)Google Scholar
  8. 8.
    Mangard, S., Oswald, E., Popp, T.: Power analysis attacks: revealing the secrets of smart cards, advances in information security. Springer, Berlin (2008)Google Scholar
  9. 9.
    Massey, J.: Guessing and entropy. In: Proceedings of 1994 IEEE International Symposium on Information Theory, pp. 204 (1994). doi:10.1109/ISIT.1994.394764
  10. 10.
    Messerges, T.: Power Analysis Attacks and Countermeasures for Cryptographic Algorithms. Ph.D. thesis, University of Illinois at Chicago (2000)Google Scholar
  11. 11.
    Montminy, D., Baldwin, R., Temple, M., Laspe, E.: Improving cross-device attacks using zero-mean unit-variance normalization. J. Cryptogr. Eng. 3(2), 99–110 (2013). doi:10.1007/s13389-012-0038-y CrossRefGoogle Scholar
  12. 12.
    O’Flynn, C., Chen, Z.D.: A case study of side-channel analysis using decoupling capacitor power measurement with the OpenADC. Lect. Notes Comput. Sci. 7743, 328–344 (2013)Google Scholar
  13. 13.
    O’Flynn, C., Chen, Z.D.: ChipWhisperer: An open-source platform for hardware embedded security research. In: Constructive side-channel analysis and secure design—COSADE 2014, Lecture Notes in Computer Science, vol. 8622, pp. 243–260, Springer, Paris (2014). URL http://link.springer.com/chapter/10.10072F978-3-319-10175-0_17
  14. 14.
    Quisquater, J.J., Samyde, D.: Eddy current for magnetic analysis with active sensor. In: Esmart 2002, Nice, France (2002)Google Scholar
  15. 15.
    Réal, D., Canovas, C., Clédière, J., Drissi, M., Valette, F.: Defeating classical hardware countermeasures: a new processing for side channel analysis. In: Proceedings of the Conference on Design, Automation and Test in Europe, DATE ’08, pp. 1274–1279. ACM, New York, NY, USA (2008). doi:10.1145/1403375.1403684
  16. 16.
    Skorobogatov, S.: Synchronization method for SCA and fault attacks. J. Cryptogr. Eng. 1(1), 71–77 (2011). doi:10.1007/s13389-011-0004-0 CrossRefGoogle Scholar
  17. 17.
    Skorobogatov, S., Anderson, R.: Optical fault induction attacks. In: B. Kaliski, e. Ko, C. Paar (eds.) Cryptographic Hardware and Embedded Systems—CHES 2002, Lecture Notes in Computer Science, vol. 2523, pp. 2–12. Springer, Berlin (2003). doi:10.1007/3-540-36400-5_2. URL http://dx.doi.org/10.1007/3-540-36400-5_2
  18. 18.
    Tian, Q., Huss, S.: On clock frequency effects in side channel attacks of symmetric block ciphers. In: 2012 5th International Conference on New Technologies, Mobility and Security (NTMS), pp. 1–5 (2012). doi:10.1109/NTMS.2012.6208680
  19. 19.
    van Woudenberg, J., Witteman, M., Menarini, F.: Practical optical fault injection on secure microcontrollers. In: 2011 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC), pp. 91–99 (2011). doi:10.1109/FDTC.2011.12
  20. 20.
    van Woudenberg, J.G.J., Witteman, M.F., Bakker, B.: Improving differential power analysis by elastic alignment. In: Proceedings of the 11th International Conference on Topics in Cryptology: CT-RSA 2011. CT-RSA’11, pp. 104–119. Springer, Berlin (2011)Google Scholar
  21. 21.
    Yang, S., Gupta, P., Wolf, M., Serpanos, D., Narayanan, V., Xie, Y.: Power analysis attack resistance engineering by dynamic voltage and frequency scaling. ACM Trans. Embed. Comput. Syst. 11(3): 62:1–62:16 (2012). doi:10.1145/2345770.2345774

Copyright information

© Springer-Verlag Berlin Heidelberg 2014

Authors and Affiliations

  1. 1.Dalhousie UniversityHalifaxCanada

Personalised recommendations