Side-Channel Cryptanalysis: A Brief Survey

Chapter

Abstract

Traditionally, mathematical cryptanalysis treats the cryptographic device as an abstract machine and primarily targets the weaknesses of the cryptographic algorithm by taking advantage of the input and output data. In his 1949 paper “Communication Theory of Secrecy Systems”, Shannon defined what perfect secrecy should be:

Copyright information

© Springer Science+Business Media New York 2013

Authors and Affiliations

  1. Texas Instruments Inc., Frisco, USA
