The EM Side-Channel(s)
We present results of a systematic investigation of leakage of compromising information via electromagnetic (EM) emanations from CMOS devices. These emanations are shown to consist of a multiplicity of signals, each leaking somewhat different information about the underlying computation. We show that not only can EM emanations be used to attack cryptographic devices where the power side-channel is unavailable, they can even be used to break power analysis countermeasures.