Improving the Security of Wireless Sensor Networks by Protecting the Sensor Nodes against Side Channel Attacks

  • Zoya Dyka
  • Peter Langendörfer
Part of the Signals and Communication Technology book series (SCT)


The intent of this chapter is to introduce side channel attacks as a significant threat for wireless sensor networks, since in such systems the individual sensor node can be accessed physically and analysed afterwards. Even though such attacks are known for some years, they have never been specifically considered before in the area of WSNs (Wireless Sensor Networks).


Anti-Tampering Attack tools Blinding Cryptography Invasive Attacks Masking Non-invasive Attacks Security Semi-invasive attacks Side Channel Attacks Wireless Sensor Networks Tampering 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Project: tamper resistant sensor nodes,
  2. 2.
    Rivest, R.L., Shamir, A., Adelman, L.M.: A method for obtaining digital signatures and public key cryptosystems. Technical Report MIT/LCS/TM-82, Laboratory for Computer Science, MIT, Cambridge (1977)Google Scholar
  3. 3.
    Koblitz, N.: Elliptic curve cryptosystems. Mathematics of Computation 48(177), 203–209 (1987)MathSciNetMATHCrossRefGoogle Scholar
  4. 4.
    Miller, V.S.: Use of Elliptic Curves in Cryptography. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 417–426. Springer, Heidelberg (1986)Google Scholar
  5. 5.
    NIST Computer Security Division: Advanced Encryption Standard, FIPS 197 (2001),
  6. 6.
    Zhou, Y., Feng, D.: Side-Channel Attacks: Ten Years After Its Publication and the Impacts on Cryptographic Module Security Testing, Cryptology ePrint Archive. Report 2005/388,
  7. 7.
    NIST Computer Security Division: Digital Signature Standard (DSS), FIPS 186-3 (2001),
  8. 8.
    Second Standards for Efficient Cryptography Group (SECG), SEC 2: Recommended Elliptic Curve Domain Parameters (2010),
  9. 9.
    Barker, E., Johnson, D., Smid, M.: Nist special publication 800-56a, recommendation for pair-wise key establishment schemes using discrete logarithm cryptography (2007), (revised)
  10. 10.
    Kaliski, B.: Elliptic Curve Cryptography, RSA Labor (1999),
  11. 11.
    ANSI X9.63: Public Key Cryptography for the Financial Services Industry: Elliptic Curve Key Agreement and Key Transport Schemes (1998),
  12. 12.
    Certicom Research, Standards for efficient cryptography group (secg) Sec 1: Elliptic curve cryptography (2009),
  13. 13.
    Hankerson, D., Menezes, A., Vanstone, S.: Guide to Elliptic Curve Cryptography. Springer-Verlag New York, Inc. (2004)Google Scholar
  14. 14.
    Drutarovskı, M., Fischer, V.: True Random Number Generator Embedded in Altera ACEX Devices. In: Proceedings of DCIS 2002, pp. 587–592 (2002)Google Scholar
  15. 15.
    Fischer, V., Drutarovskı, M.: True Random Number Generator Embedded in Reconfigurable Hardware. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 415–430. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  16. 16.
    Schellekens, D., Preneel, B., Verbauwhede, I.: FPGA Vendor Agnostic True Random Number Generator. In: Field Programmable Logic and Applications (FPL 2006), pp. 1–6 (2006)Google Scholar
  17. 17.
    Fan, J., Guo, X., Mulder, E.D., Schaumont, P., Preneel, B., Verbauwhede, I.: State-of-the-art of Secure ECC Implementations: A Survey on Known Side-channel Attacks and Countermeasures. In: Proceedings of the 2010 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST 2010), Anaheim Convention Center, California, USA, June 13-14, pp. 76–87. IEEE Computer Society (2010)Google Scholar
  18. 18.
    Eberle, H., Shantz, S.C., Gupta, V., Gura, N.: Accelerating Next-Generation Public-key Cryptography on General-purpose CPU. In: Hot Chips 16, IEEE Symposium on High Performance Chips. Stanford University (2004)Google Scholar
  19. 19.
    Giry, D., Quisquater, J.-J.: Cryptographic key length recommendation, BlueKrypt - v 26.6 (2010),
  20. 20.
    Kocher, P.C.: Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)Google Scholar
  21. 21.
    Brumley, B., Tuveri, N.: Remote Timing Attacks are Still Practical, Cryptology ePrint Archive,
  22. 22.
    Koeune, F., Quisquater, J.-J.: A Timing Attack against Rijndael, Katholische Universitaet Louvain, Crypto Group. Technical report CG-1999/1 (1999),
  23. 23.
    Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. Technical report (1998),
  24. 24.
    Kocher, P., Jaffe, J.: Introduction to differential power analysis. Journal of Cryptographic Engineering 1(1), 5–27 (2011)CrossRefGoogle Scholar
  25. 25.
    Kadir, S.A., Sasongko, A.: Simple power analysis attack against elliptic curve cryptography processor on FPGA implementation. In: International Conference on Electrical Engineering and Informatics, July 17-19, pp. 1–4 (2011)Google Scholar
  26. 26.
    Mangard, S.: A Simple Power-Analysis (SPA) Attackon Implementations of the AES Key Expansion. In: Lee, P.J., Lim, C.H. (eds.) ICISC 2002. LNCS, vol. 2587, pp. 343–358. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  27. 27.
    Perin, G., Torres, L., Benoit, P., Maurine, P.: Amplitude Demodulation-based EM Analysis of Different RSA Implementations. In: Proceeding of DATE 2012, March 12-16, pp. 1167–1172 (2012)Google Scholar
  28. 28.
    Heyszl, J., Mangard, S., Heinz, B., Stumpf, F., Sigl, G.: Localized Electromagnetic Analysis of Cryptographic Implementations. In: Dunkelman, O. (ed.) CT-RSA 2012. LNCS, vol. 7178, pp. 231–244. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  29. 29.
    Wu, K., Li, H.: Electromagnetic analysis on elliptic curve cryptosystems: Measures and counter-measures for smart cards. In: Third International Symposium on Intelligent Information Technology Application, pp. 40–43. IEEE (2009)Google Scholar
  30. 30.
    De Mulder, E.: Electromagnetic Techniques and Probes for Side-Channel Analysis on Cryptographic Devices. Dissertation, Katholieke Universiteit Leuven (2010),
  31. 31.
    Carlier, V., Chabanne, H., Dottax, E., Pelletier, H.: Electromagnetic side channels of an FPGA implementation of AES. Technical report, IACR Cryptology ePrint Archive (2004),
  32. 32.
    Skorobogatov, S.P.: Using optical emission analysis for estimating contribution to power analysis. In: Fault Diagnosis and Tolerance in Cryptography (FDTC), pp. 111–119. IEEE Computer Society (2009)Google Scholar
  33. 33.
    Ferrigno, J., Hlaváč, M.: When AES blinks: introducing optical side channel. IET Information Security 2(3), 94–98 (2008)CrossRefGoogle Scholar
  34. 34.
    Skorobogatov, S.P.: Semi-invasive attacks - a new approach to hardware security analysis, Computer Laboratory, University of Cambridge. Technical report ucam-cl-tr-630 (2005)Google Scholar
  35. 35.
    Tuan, T., Strader, T., Trimberger, S.: Analysis of Data Remanence in a 90nm FPGA. In: IEEE 2007 Custom Integrated Circuits Conference (CICC), pp. 93–96 (2007)Google Scholar
  36. 36.
    Skorobogatov, S.: Low Temperature Data Remanence in Static RAM. Technical Report UCAM-CL-TR-536, University of Cambridge, Computer Laboratory (2002)Google Scholar
  37. 37.
    Skorobogatov, S.Y.: Data Remanence in Flash Memory Devices. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 339–353. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  38. 38.
    Wills, K.S., Lewis, T., Billus, G., Hoang, H.: Optical Beam Induced Current Applications For Failure Analysis of VLSI Devices. In: Proceedings International Symposium for Testing and Failure Analysis, pp. 21–26 (1990)Google Scholar
  39. 39.
    Ajluni, C.: Two New Imaging Techniques Promise To Improve IC Defect Identification. Electronic Design 43(14), 37–38 (1995)Google Scholar
  40. 40.
    Samyde, D., Skorobogatov, S.: On a new way to read data from memory. In: SISW 2002 First International IEEE Security in Storage Workshop, USA (2002)Google Scholar
  41. 41.
    Kaliski, B., Robshaw, M.: Comments on some new attacks on cryptographic devices, RSA Laboratories. Technical report Bulletin Number 5 (1997)Google Scholar
  42. 42.
    Skorobogatov, S.P., Anderson, R.J.: Optical Fault Induction Attacks. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 2–12. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  43. 43.
    Skorobogatov, S.: Local Heating Attacks on Flash Memory Devices. In: Proceedings of the 2009 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST 2009). Moscone Center, San Francisco (2009)Google Scholar
  44. 44.
    Schmidt, J.-M., Kirschbaum, M.: Analysis of attacks on sensor nodes software and hardware. TAMPREs - Tamper Resistant Sensor Node - Project, Deliverable D1.2 Report (2011),
  45. 45.
    Microchip Technology Incorporation,
  46. 46.
    Trichina, E., Korkikyan, R.: Multi Fault Laser Attacks on Protected CRT-RSA. In: Fault Diagnosis and Tolerance in Cryptography (FDTC) 2010, Workshop, August 21-21, pp. 75–86 (2010)Google Scholar
  47. 47.
    32-bit ARM Cortex M3 core documentation,

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  1. 1.IHP GmbHFrankfurt (Oder)Germany

Personalised recommendations