Analysis and Improvement of the Random Delay Countermeasure of CHES 2009

  • Jean-Sébastien Coron
  • Ilya Kizhvatov
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6225)


Random delays are often inserted in embedded software to protect against side-channel and fault attacks. At CHES 2009 a new method for generation of random delays was described that increases the attacker’s uncertainty about the position of sensitive operations. In this paper we show that the CHES 2009 method is less secure than claimed. We describe an improved method for random delay generation which does not suffer from the same security weakness. We also show that the paper’s criterion to measure the security of random delays can be misleading, so we introduce a new criterion for random delays which is directly connected to the number of acquisitions required to break an implementation. We mount a power analysis attack against an 8-bit implementation of the improved method verifying its higher security in practice.


Side channel attacks DPA countermeasures random delays 


  1. 1.
    Brier, E., Clavier, C., Benoit, O.: Correlation power analysis with a leakage model. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 135–152. Springer, Heidelberg (2004)Google Scholar
  2. 2.
    Clavier, C., Coron, J.-S., Dabbous, N.: Differential power analysis in the presence of hardware countermeasures. In: Koç, Ç.K., Paar, C. (eds.) CHES 2000. LNCS, vol. 1965, pp. 252–263. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  3. 3.
    Coron, J.-S., Kizhvatov, I.: An efficient method for random delay generation in embedded software. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 156–170. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  4. 4.
    Homma, N., Nagashima, S., Sugawara, T., Aoki, T., Satoh, A.: A high-resolution phase-based waveform matching and its application to side-channel attacks. IEICE Trans. Fundam. Electron. Commun. Comput. Sci. E91-A(1), 193–202 (2008)CrossRefGoogle Scholar
  5. 5.
    Mangard, S.: Hardware countermeasures against DPA – a statistical analysis of their effectiveness. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 222–235. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  6. 6.
    Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks: Revealing the Secrets of Smart Cards. Springer, Heidelberg (2007)zbMATHGoogle Scholar
  7. 7.
    McLachlan, G., Peel, D.: Finite Mixture Models. John Wiley & Sons, Chichester (2000)zbMATHCrossRefGoogle Scholar
  8. 8.
    Tunstall, M., Benoit, O.: Efficient use of random delays in embedded software. In: Sauveron, D., Markantonakis, K., Bilas, A., Quisquater, J.-J. (eds.) WISTP 2007. LNCS, vol. 4462, pp. 27–38. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  9. 9.
    van Woudenberg, J.G.J., Witteman, M.F., Bakker, B.: Improving Differential Power Analysis by elastic alignment (2009),

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Jean-Sébastien Coron
    • 1
  • Ilya Kizhvatov
    • 1
  1. 1.Université du LuxembourgLuxembourg

Personalised recommendations