Skip to main content
SpringerLink
Log in

Improving Non-profiled Attacks on Exponentiations Based on Clustering and Extracting Leakage from Multi-channel High-Resolution EM Measurements

  • Conference paper
  • First Online:
Constructive Side-Channel Analysis and Secure Design (COSADE 2015)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 9064))

Abstract

The success probability of side-channel attacks depends on the used measurement techniques as well as the algorithmic processing to exploit available leakage. This is particularly critical in case of asymmetric cryptography, where attackers are only allowed single side-channel observations because secrets are either ephemeral or blinded by countermeasures. We focus on non-profiled attacks which require less attacker privileges and cannot be prevented easily. We significantly improve the algorithmic processing in non-profiled attacks based on clustering against exponentiation-based implementations compared to previous contributions. This improvement is mainly due to PCA and a strategy to select few mid-ranked components where exploitable, low-variance leakage is concentrated. As a result from a practical experiment using single-channel high-resolution magnetic field measurements, we report a significant improvement in the number of successful attacks. Further, we present the first practical results from using three such channels simultaneously. The combination of three channels leads to further improved results over the best individual channel when applying a profiled template attack. The clustering-based algorithmic approach for the non-profiled attack, however, does not show improvements from the combination.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Agrawal, D., Rao, J.R., Rohatgi, P.: Multi-channel attacks. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 2–16. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  2. Archambeau, C., Peeters, E., Standaert, F.-X., Quisquater, J.-J.: Template attacks in principal subspaces. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 1–14. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  3. Batina, L., Hogenboom, J., van Woudenberg, J.G.J.: Getting more from PCA: first results of using principal component analysis for extensive power analysis. In: Dunkelman, O. (ed.) CT-RSA 2012. LNCS, vol. 7178, pp. 383–397. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  4. Bauer, S.: Attacking exponent blinding in RSA without CRT. In: Schindler, W., Huss, S.A. (eds.) COSADE 2012. LNCS, vol. 7275, pp. 82–88. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  5. Bohy, L., Neve, M., Samyde, D., Quisquater, J.J.: Principal and independent component analysis for crypto-systems with hardware unmasked units. In: Proceedings of e-Smart (2003)

    Google Scholar 

  6. Clavier, C., Feix, B., Gagnerot, G., Roussellet, M., Verneuil, V.: Horizontal correlation analysis on exponentiation. In: Soriano, M., Qing, S., López, J. (eds.) ICICS 2010. LNCS, vol. 6476, pp. 46–61. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  7. De Mulder, E., Örs, S.B., Preneel, B., Verbauwhede, I.: Differential power and electromagnetic attacks on a FPGA implementation of elliptic curve cryptosystems. Comput. Electr. Eng. 33, 367–382 (2007)

    Article  Google Scholar 

  8. Heyszl, J., Ibing, A., Mangard, S., De Santis, F., Sigl, G.: Clustering algorithms for non-profiled single-execution attacks on exponentiations. In: Francillon, A., Rohatgi, P. (eds.) CARDIS 2013. LNCS, vol. 8419, pp. 79–93. Springer, Heidelberg (2014)

    Google Scholar 

  9. Heyszl, J., Mangard, S., Heinz, B., Stumpf, F., Sigl, G.: Localized electromagnetic analysis of cryptographic implementations. In: Dunkelman, O. (ed.) CT-RSA 2012. LNCS, vol. 7178, pp. 231–244. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  10. Heyszl, J., Merli, D., Heinz, B., De Santis, F., Sigl, G.: Strengths and limitations of high-resolution electromagnetic field measurements for side-channel analysis. In: Mangard, S. (ed.) CARDIS 2012. LNCS, vol. 7771, pp. 248–262. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  11. Homma, N., Hayashi, Y., Miura, N., Fujimoto, D., Tanaka, D., Nagata, M., Aoki, T.: EM attack is non-invasive? - design methodology and validity verification of EM attack sensor. In: Batina, L., Robshaw, M. (eds.) CHES 2014. LNCS, vol. 8731, pp. 1–16. Springer, Heidelberg (2014)

    Google Scholar 

  12. Itoh, K., Izu, T., Takenaka, M.: Address-bit differential power analysis of cryptographic schemes OK-ECDH and OK-ECDSA. In: Kaliski, B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 399–412. Springer, Heidelberg (2003)

    Google Scholar 

  13. Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)

    Google Scholar 

  14. Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks: Revealing the Secrets of Smart Cards. Advances in Information Security. Springer-Verlag New York Inc., Secaucus (2007)

    Google Scholar 

  15. Mavroeidis, D., Batina, L., van Laarhoven, T., Marchiori, E.: PCA, eigenvector localization and clustering for side-channel attacks on cryptographic hardware devices. In: Flach, P.A., De Bie, T., Cristianini, N. (eds.) ECML PKDD 2012, Part I. LNCS, vol. 7523, pp. 253–268. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  16. Messerges, T.S., Dabbish, E.A., Sloan, R.H.: Power analysis attacks of modular exponentiation in smartcards. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, p. 144. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  17. Peeters, E., Standaert, F.X., Quisquater, J.J.: Power and electromagnetic analysis: improved model, consequences and comparisons. Integr. VLSI J. 40(1), 52–60 (2007)

    Article  Google Scholar 

  18. Perin, G., Imbert, L., Torres, L., Maurine, P.: Attacking randomized exponentiations using unsupervised learning. In: Prouff, E. (ed.) COSADE 2014. LNCS, vol. 8622, pp. 144–160. Springer, Heidelberg (2014)

    Google Scholar 

  19. Rousseeuw, P.J.: Silhouettes: a graphical aid to the interpretation and validation of cluster analysis. J. Comput. Appl. Math. 20, 53–65 (1987)

    Article  Google Scholar 

  20. Sauvage, L., Guilley, S., Mathieu, Y.: Electromagnetic radiations of FPGAs: high spatial resolution cartography and attack on a cryptographic module. ACM Trans. Reconfigurable Technol. Syst. 2, 4:1–4:24 (2009)

    Article  Google Scholar 

  21. Souissi, Y., Bhasin, S., Guilley, S., Nassar, M., Danger, J.-L.: Towards different flavors of combined side channel attacks. In: Dunkelman, O. (ed.) CT-RSA 2012. LNCS, vol. 7178, pp. 245–259. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  22. Standaert, F.-X., Archambeau, C.: Using subspace-based template attacks to compare and combine power and electromagnetic information leakages. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 411–425. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  23. Veyrat-Charvillon, N., Gérard, B., Renauld, M., Standaert, F.-X.: An optimal key enumeration algorithm and its application to side-channel attacks. In: Knudsen, L.R., Wu, H. (eds.) SAC 2012. LNCS, vol. 7707, pp. 390–406. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  24. Veyrat-Charvillon, N., Gérard, B., Standaert, F.-X.: Security evaluations beyond computing power. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 126–141. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  25. Walter, C.D.: Sliding windows succumbs to big mac attack. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, p. 286. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  26. Witteman, M.F., van Woudenberg, J.G.J., Menarini, F.: Defeating RSA multiply-always and message blinding countermeasures. In: Kiayias, A. (ed.) CT-RSA 2011. LNCS, vol. 6558, pp. 77–88. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  27. Wolpert, D.H., Macready, W.G.: No free lunch theorems for optimization. IEEE Trans. Evol. Comput. 1(1), 67–82 (1997)

    Article  Google Scholar 

Download references

Acknowledgements

This work was partly funded by the German Federal Ministry of Education and Research in the project SIBASE through grant number 01IS13020.

Author information

Authors and Affiliations

  1. Fraunhofer Institute AISEC, Munich, Germany

    Robert Specht & Johann Heyszl

  2. Technische Universität München, Munich, Germany

    Martin Kleinsteuber & Georg Sigl

Authors
  1. Robert Specht
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Johann Heyszl
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Martin Kleinsteuber
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Georg Sigl
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Robert Specht .

Editor information

Editors and Affiliations

  1. Graz University of Technology, Graz, Austria

    Stefan Mangard

  2. NXP Semiconductors Germany GmbH, Hamburg, Germany

    Axel Y. Poschmann

A Appendix

A Appendix

1.1 A.1 Illustration of Principal Components After Transformation

Fig. 4.
figure 4

Example of an original trace-segment (topmost) and its high-ranked principal components below. The 4-th (bottom) component contains signal leakage

Full size image

Figure 4 depicts principal components after Principal Component Analysis (PCA) transformation for illustrative purposes. We used an example measurement where the side-channel leakage is sufficient for the attack to succeed without false classifications when selecting the \(k=4\)-th component for expectation maximization clustering. The topmost diagram depicts one trace-segment in its original form. Below this, the four highest-ranked principal components of this segment are depicted. From the previous analysis we know that the exploitable leakage seems concentrated in component \(k=4\) which is depicted in the bottom diagram. The time-samples with higher values represent the times of exploitable leakage information in this component. The sparse occurrence fits to the description of data-dependent register accesses as source of this leakage [9]. A comparison to the other components in Fig. 4 clearly shows that the leakage is small compared to the remaining signal parts.

1.2 A.2 Countermeasures

As previously described by Heyszl et al. [8], countermeasures such as exponent blinding do not protect against non-profiled attacks. Many countermeasures address individual single-execution leakage sources of implementation (e.g. address-bit, or localized leakage).

As a conclusion from this contribution, we must emphasize the necessity to reduce all possible single-execution leakage sources as much as possible.

Homma et al. [11] present a general countermeasure against high-resolution magnetic field measurements. They describe an on-chip sensor which detects magnetic field probes in close distance to die surfaces. However, in our opinion this will not help since measurement probes are typically placed close to an integrated circuit before power-up. Hence, necessary calibration routines of the sensor will likely not be able to distinguish the static probes from other environmental influences.

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Specht, R., Heyszl, J., Kleinsteuber, M., Sigl, G. (2015). Improving Non-profiled Attacks on Exponentiations Based on Clustering and Extracting Leakage from Multi-channel High-Resolution EM Measurements. In: Mangard, S., Poschmann, A. (eds) Constructive Side-Channel Analysis and Secure Design. COSADE 2015. Lecture Notes in Computer Science(), vol 9064. Springer, Cham. https://doi.org/10.1007/978-3-319-21476-4_1

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-21476-4_1

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-21475-7

  • Online ISBN: 978-3-319-21476-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation