Templates as Master Keys

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3659)


We introduce two new attacks: the single-bit template attack and the template-enhanced DPA attack. The single-bit template attack can be used very effectively to classify even single bits in a single side channel sample with a high probability of correctness. The template-enhanced DPA attack, combines traditional DPA with single-bit template attacks to show that if an adversary has access to a test card with even a slightly biased RNG, then he/she can break protected cryptographic implementations on a target card even if they have perfect RNGs. In support of our claim, we report results from experiments on breaking two implementations of DES and AES protected by the masking countermeasure running on smartcards of different manufacturers.

In light of these results, the threat of template attacks, generally viewed as intrinsically difficult to mount, needs to be reconsidered.


Test Device Target Device Entropy Loss Test Card Template Attack 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. [AARR02]
    Agrawal, D., Archambeault, B., Rao, J.R., Rohatgi, P.: The EM side-channel(s). In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 29–45. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  2. [AG01]
    Akkar, M.-L., Giraud, C.: An Implementation of DES and AES Secure against Some Attacks. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 309–318. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  3. [ARR03]
    Agrawal, D., Rao, J.R., Rohatgi, P.: Multi-channel Attacks. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 2–16. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  4. [BNSQ03]
    Bohy, L., Neve, M., Samyde, D., Quisquater, J.-J.: Principal and Independent Component Analysis for Crypto-systems with Hardware Unmasked Units. In: e-Smart 2003 (2003)Google Scholar
  5. [CJR+99]
    Chari, S., Jutla, C.S., Rao, J.R., Rohatgi, P.: Towards Sound Approaches to Counteract Power-Analysis Attacks. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 398–412. Springer, Heidelberg (1999)Google Scholar
  6. [CRR02]
    Chari, S., Rao, J.R., Rohatgi, P.: Template Attacks. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 13–28. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  7. [GP99]
    Goubin, L., Patarin, J.: DES and Differential Power Analysis: the Duplication Method. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 158–172. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  8. [KJJ99]
    Kocher, P., Jaffe, J., Jun, B.: Differential Power Analysis: Leaking Secrets. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)Google Scholar
  9. [Koc96]
    Kocher, P.: Timing Attacks on Implementations of Diffie-Hellmann, RSA, DSS, and Other Systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)Google Scholar
  10. [MDS99]
    Messerges, T.S., Dabbish, E.A., Sloan, R.H.: Investigations of Power Analysis Attacks on Smartcards. In: USENIX Workshop on Smartcard Technology, pp. 151–162 (1999)Google Scholar
  11. [MDS02]
    Messerges, T.S., Dabbish, E.A., Sloan, R.H.: Examining Smart-Card Security under the Threat of Power Analysis Attacks. IEEE Transactions On Computers 51(4), 1–12 (2002)MathSciNetGoogle Scholar
  12. [RO04]
    Rechberger, C., Oswald, E.: Practical Template Attacks. In: Lim, C.H., Yung, M. (eds.) WISA 2004. LNCS, vol. 3325, pp. 440–456. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  13. [Tre68]
    Van Trees, H.L.: Detection, Estimation, and Modulation Theory, Part I. John Wiley & Sons, Chichester (1968)zbMATHGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  1. 1.IBM Watson Research CenterYorktown HeightsUSA
  2. 2.Communication Security GroupRuhr-Universität BochumBochumGermany

Personalised recommendations