Differential Power Analysis

  • Paul Kocher
  • Joshua Jaffe
  • Benjamin Jun
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1666)


Cryptosystem designers frequently assume that secrets will be manipulated in closed, reliable computing environments. Unfortunately, actual computers and microchips leak information about the operations they process. This paper examines specific methods for analyzing power consumption measurements to find secret keys from tamper resistant devices. We also discuss approaches for building cryptosystems that can operate securely in existing hardware that leaks information.


differential power analysis DPA SPA cryptanalysis DES 


  1. 1.
    R. Anderson, M. Kuhn, “Low Cost Attacks on Tamper Resistant Devices,” Security Protocol Workshop, April 1997,
  2. 2.
    R. Anderson and M. Kuhn, “Tamper Resistance-a Cautionary Note”, The Second USENIX Workshop on Electronic Commerce Proceedings, November 1996, pp. 1–11.Google Scholar
  3. 3.
    E. Biham and A. Shamir, Differential Cryptanalysis of the Data Encryption Standard, Springer-Verlag, 1993.Google Scholar
  4. 4.
    E. Biham and A. Shamir, “Differential Fault Analysis of Secret Key Cryptosystems,” Advances in Cryptology: Proceedings of CRYPTO’ 97, Springer-Verlag, August 1997, pp. 513–525.Google Scholar
  5. 5.
    D. Boneh, R. DeMillo, and R. Lipton, “On the Importance of Checking Cryptographic Protocols for Faults,” Advances in Cryptology: Proceedings of EURO-CRYPT’ 97, Springer-Verlag, May 1997, pp. 37–51.Google Scholar
  6. 6.
    Jameco Electronics, “PC-MultiScope (part #142834),” February 1999 Catalog, p. 103.Google Scholar
  7. 7.
    P. Kocher, “Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems,” Advances in Cryptology: Proceedings of CRYPTO’ 96, Springer-Verlag, August 1996, pp. 104–113.Google Scholar
  8. 8.
    M. Matsui, “The First Experimental Cryptanalysis of the Data Encryption Standard,” Advances in Cryptology: Proceedings of CRYPTO’ 94, Springer-Verlag, August 1994, pp. 1–11.Google Scholar
  9. 9.
    National Bureau of Standards, “Data Encryption Standard,” Federal Information Processing Standards Publication 46, January 1977.Google Scholar
  10. 10.
    National Institute of Standards and Technology, “Secure Hash Standard,” Federal Information Processing Standards Publication 180-1, April 1995.Google Scholar
  11. 11.
    J. Dhem, F. Koeune, P. Leroux, P. Mestré, J. Quisquater, and J. Willems, “A practical implementation of the timing attack,” UCL Crypto Group Technical Report Series: CG-1998/1, 1998.Google Scholar
  12. 12.
    R.L. Rivest, A. Shamir, and L.M. Adleman, “A method for obtaining digital signatures and public-key cryptosystems,” Communications of the ACM, 21, 1978, pp. 120–126.zbMATHCrossRefMathSciNetGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1999

Authors and Affiliations

  • Paul Kocher
    • 1
  • Joshua Jaffe
    • 1
  • Benjamin Jun
    • 1
  1. 1.Cryptography Research, Inc.San FranciscoUSA

Personalised recommendations