Smartly Analyzing the Simplicity and the Power of Simple Power Analysis on Smartcards

  • Rita Mayer-Sommer
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1965)

Abstract

A new kind of cryptanalytic attacks, targeted directly at the weaknesses of a cryptographic algorithm’s physical implementation, has recently attracted great attention. Examples are timing, glitch, or poweranalysis attacks. Whereas in so-called simple power analysis (SPA for short) only the power consumption of the device is analyzed, differential power analysis (DPA) additionally requires knowledge of ciphertext outputs and is thus more costly. Previous investigations have indicated that SPA is little threatening and moreover easy to prevent, leaving only DPA as a serious menace to smartcard integrity. We show, however, that with careful experimental technique, SPA allows for extracting sensitive information easily, requiring only a single power-consumption graph. This even holds with respect to basic instructions such as register moves, which have previously not been considered critical. Our results suggest that SPA is an effective and easily implementable attack and, due to its simplicity, potentially a more serious threat than DPA in many real applications.

References

  1. 1.
    R. J. Anderson and M.G. Kuhn, Low Cost Attacks on Tamper Resistant Devices, 5th International Workshop on Security Protocols, 1997.Google Scholar
  2. 2. R. J. Anderson and M.G. Kuhn, Tamper Resistance-a Cautionary Note, Proceedings of the Second USENIX Workshop on Electronic Commerce, 1996.Google Scholar
  3. 3.
    E. Biham and A. Shamir, Power Analysis of Key Scheduling of the AES Candidates, Proceedings of the Second AES Candidate Conference, 1999.Google Scholar
  4. 4.
    P. Kocher, J. Jaffe, and B. Jun, Differential Power Analysis, Advances in Cryptology-Proceedings of CRYPTO’ 99, Lecture Notes in Computer Science, Vol. 1666, Springer-Verlag, 1999.Google Scholar
  5. 5.
    M. Kuhn and O. Kömmerling, Design Principles for Tamper-Resistant Smartcard Processors, Proceedings of the USENIX Workshop on Smartcard Technology, 1999.Google Scholar
  6. 6.
    T. S. Messerges, E. A. Dabbish, and R.H. Sloan, Investigations of Power Analysis Attacks on Smartcards, Proceedings of the USENIX Workshop on Smartcard Technology, 1999.Google Scholar
  7. 7.
    H. J. M. Veendrick, Short-Circuit Dissipation of Static CMOS Circuitry, IEEE Journal of Solid-State Circuits, Vol. SC-19, No.4, 1984Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2000

Authors and Affiliations

  • Rita Mayer-Sommer
    • 1
  1. 1.Electrical Engineering DivisionETHZürichSwitzerland

Personalised recommendations