Differential Power Analysis
Cryptosystem designers frequently assume that secrets will be manipulated in closed, reliable computing environments. Unfortunately, actual computers and microchips leak information about the operations they process. This paper examines specific methods for analyzing power consumption measurements to find secret keys from tamper resistant devices. We also discuss approaches for building cryptosystems that can operate securely in existing hardware that leaks information.
Keywordsdifferential power analysis DPA SPA cryptanalysis DES
- 1.R. Anderson, M. Kuhn, “Low Cost Attacks on Tamper Resistant Devices,” Security Protocol Workshop, April 1997, http://www.cl.cam.ac.uk/ftp/users/rja14/tamper2.ps.gz.
- 2.R. Anderson and M. Kuhn, “Tamper Resistance-a Cautionary Note”, The Second USENIX Workshop on Electronic Commerce Proceedings, November 1996, pp. 1–11.Google Scholar
- 3.E. Biham and A. Shamir, Differential Cryptanalysis of the Data Encryption Standard, Springer-Verlag, 1993.Google Scholar
- 4.E. Biham and A. Shamir, “Differential Fault Analysis of Secret Key Cryptosystems,” Advances in Cryptology: Proceedings of CRYPTO’ 97, Springer-Verlag, August 1997, pp. 513–525.Google Scholar
- 5.D. Boneh, R. DeMillo, and R. Lipton, “On the Importance of Checking Cryptographic Protocols for Faults,” Advances in Cryptology: Proceedings of EURO-CRYPT’ 97, Springer-Verlag, May 1997, pp. 37–51.Google Scholar
- 6.Jameco Electronics, “PC-MultiScope (part #142834),” February 1999 Catalog, p. 103.Google Scholar
- 7.P. Kocher, “Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems,” Advances in Cryptology: Proceedings of CRYPTO’ 96, Springer-Verlag, August 1996, pp. 104–113.Google Scholar
- 8.M. Matsui, “The First Experimental Cryptanalysis of the Data Encryption Standard,” Advances in Cryptology: Proceedings of CRYPTO’ 94, Springer-Verlag, August 1994, pp. 1–11.Google Scholar
- 9.National Bureau of Standards, “Data Encryption Standard,” Federal Information Processing Standards Publication 46, January 1977.Google Scholar
- 10.National Institute of Standards and Technology, “Secure Hash Standard,” Federal Information Processing Standards Publication 180-1, April 1995.Google Scholar
- 11.J. Dhem, F. Koeune, P. Leroux, P. Mestré, J. Quisquater, and J. Willems, “A practical implementation of the timing attack,” UCL Crypto Group Technical Report Series: CG-1998/1, 1998.Google Scholar