Power and EM Attacks on Passive \(13.56\,\textrm{MHz}\) RFID Devices

  • Michael Hutter
  • Stefan Mangard
  • Martin Feldhofer
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4727)


During the last years, more and more security applications have been developed that are based on passive 13.56 MHz RFID devices. Among the most prominent applications are electronic passports and contactless payment systems. This article discusses the effectiveness of power and EM attacks on this kind of devices. It provides an overview of different measurement setups and it presents concrete results of power and EM attacks on two RFID prototype devices. The first device performs AES encryptions in software, while the second one performs AES encryptions in hardware. Both devices have been successfully attacked with less than 1 000 EM traces. These results emphasize the need to include countermeasures into RFID devices.


RFID Power Analysis EM Attacks Side-Channel Attacks DPA DEMA AES 


  1. 1.
    Agrawal, D., Archambeault, B., Rao, J.R., Rohatgi, P.: The EM Side-channel(s). In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 29–45. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  2. 2.
    Batina, L., Guajardo, J., Kerins, T., Mentens, N., Tuyls, P., Verbauwhede, I.: Public-Key Cryptography for RFID-Tags. In: Workshop on RFID Security 2006 (RFIDSec06), Graz, Austria (July 12-14, 2006)Google Scholar
  3. 3.
    Bono, S., Green, M., Stubblefield, A., Juels, A., Rubin, A., Szydlo, M.: Security Analysis of a Cryptographically-Enabled RFID Device. In: USENIX Security Symposium, Baltimore, Maryland, USA, Proceedings, pp. 1–16. USENIX (July-August 2005)Google Scholar
  4. 4.
    Carluccio, D., Lemke, K., Paar, C.: Electromagnetic Side Channel Analysis of a Contactless Smart Card: First Results. In: Oswald, E. (ed.) Workshop on RFID and Lightweight Crypto (RFIDSec 2005), Graz, Austria (July 13-15, 2005)Google Scholar
  5. 5.
    Feldhofer, M., Dominikus, S., Wolkerstorfer, J.: Strong Authentication for RFID Systems using the AES Algorithm. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 357–370. Springer, Heidelberg (2004)Google Scholar
  6. 6.
    Feldhofer, M., Wolkerstorfer, J., Rijmen, V.: AES Implementation on a Grain of Sand. IEE Proceedings on Information Security 152(1), 13–20 (2005)CrossRefGoogle Scholar
  7. 7.
    Gandolfi, K., Mourtel, C., Olivier, F.: Electromagnetic Analysis: Concrete Results. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 251–261. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  8. 8.
    Hamalainen, P., Alho, T., Hannikainen, M., Hamalainen, T.D.: Design and Implementation of Low-Area and Low-Power AES Encryption Hardware Core. In: 9th EUROMICRO Conference on Digital System Design: Architectures, Methods and Tools (DSD 2006), Dubrovnik, Croatia, August 30-September 1, pp. 577–583. IEEE Computer Society, Los Alamitos (2006)CrossRefGoogle Scholar
  9. 9.
    Handschuh, H.: Contactless technology security issues (April 2004),
  10. 10.
    International Organisation for Standardization (ISO). ISO/IEC 10373-6: Identification cards - Test methods – Part 6: Proximity cards (2001)Google Scholar
  11. 11.
    International Organisation for Standardization (ISO). ISO/IEC 15693-3: Identification cards - Contactless integrated circuit(s) cards - Vicinity cards – Part 3: Anticollision and transmission protocol (2001)Google Scholar
  12. 12.
    International Organisation for Standardization (ISO). ISO/IEC 18092: Information technology - Telecommunications and information exchange between systems - Near Field Communication - Interface and Protocol (April 2004)Google Scholar
  13. 13.
    International Organization for Standardization (ISO). ISO/IEC 14443: Identification Cards - Contactless Integrated Circuit(s) Cards - Proximity Cards (2000)Google Scholar
  14. 14.
    Kaps, J.-P., Sunar, B.: Energy comparison of AES and SHA-1 for ubiquitous computing. In: Zhou, X., Sokolsky, O., Yan, L., Jung, E.-S., Shao, Z., Mu, Y., Lee, D.C., Kim, D., Jeong, Y.-S., Xu, C.-Z. (eds.) Emerging Directions in Embedded and Ubiquitous Computing. LNCS, vol. 4097, pp. 372–381. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  15. 15.
    Koblitz, N.: Elliptic Curve Cryptosystems. Mathematics of Computation 48, 203–209 (1987)zbMATHCrossRefMathSciNetGoogle Scholar
  16. 16.
    Kocher, P.C.: Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)Google Scholar
  17. 17.
    Kocher, P.C., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M.J. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)Google Scholar
  18. 18.
    National Institute of Standards and Technology (NIST). FIPS-46-3: Data Encryption Standard (October 1999), Available online at
  19. 19.
    National Institute of Standards and Technology (NIST). FIPS-197: Advanced Encryption Standard (November 2001), Available online at
  20. 20.
    Oren, Y., Shamir, A.: Power Analysis of RFID Tags (February 2006),
  21. 21.
    Philips Austria GmbH: Website - contactless smart cards,
  22. 22.
    Quisquater, J.-J., Samyde, D.: ElectroMagnetic Analysis (EMA): Measures and Counter-Measures for Smart Cards. In: Attali, S., Jensen, T. (eds.) E-smart 2001. LNCS, vol. 2140, pp. 200–210. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  23. 23.
    Rivest, R.L., Shamir, A., Adleman, L.: A Method for Obtaining Digital Signatures and Public-Key Cryptosystems. Communications of the ACM 21(2), 120–126 (1978)zbMATHCrossRefMathSciNetGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Michael Hutter
    • 1
  • Stefan Mangard
    • 2
  • Martin Feldhofer
    • 1
  1. 1.Institute for Applied Information Processing and Communciations (IAIK), Graz University of Technology, Inffeldgasse 16a, 8010 GrazAustria
  2. 2.Infineon Technologies AG, Security Innovation, Am Campeon 1-12, 85579 NeubibergGermany

Personalised recommendations