Lecture11 Dpa
-
Upload
ngoc-quy-tran -
Category
Documents
-
view
239 -
download
0
Transcript of Lecture11 Dpa
-
7/23/2019 Lecture11 Dpa
1/22
Differential Power Analysis
Paul Kocher, Joshua Jaffe, and Benjamin Jun
Cryptography Research, Inc.
presented by Italo Dacosta
-
7/23/2019 Lecture11 Dpa
2/22
Tamper resistant devices
Tamper resistant microprocessors
Store and process private or sensitive
information
The private information can not be extracted
Smart Cards
Self-contained microcontroller, with a
microprocessor, memory and a serial
interface integrated on to a single chip that
is packaged in a plastic card
Used in banking applications,
mobile phones, pay TV, etc.
-
7/23/2019 Lecture11 Dpa
3/22
Designing a secure smart card
Several people involved with different
assumptions
Algorithm designers
Protocol designers
Software developers
Hardware engineers
-
7/23/2019 Lecture11 Dpa
4/22
Algorithm designer assumption
from Introduction to Differential Power Analysis and Related Attacksby P. Kocher et al., Cryptography Research
Typically, the algorithm is evaluated in isolation
Differential cryptanalysis
Linear cryptanalysis
-
7/23/2019 Lecture11 Dpa
5/22
Reality!
from Introduction to Differential Power Analysis and Related Attacksby P. Kocher et al., Cryptography Research
-
7/23/2019 Lecture11 Dpa
6/22
Reality Side Channel Attacks
A correct implementation of a strong protocol is not
necessarily secure
Failures can be cause by:
Defective computation
D. Boneh, , and , On the importance of
checking cryptographic protocols for faults, EUROCRYPT '97
Information leaked during secret key operations
Timing information
Invasive measuring techniques
Electromagnetic emanations (i.e. TEMPEST)
-
7/23/2019 Lecture11 Dpa
7/22
Power analysis attacks
ICs are built out of invidual
transistors which consume
power
Monitoring and analysis of the
power consumption of a
device to extract the private
information stored in it.
Active, relatively cheap, non-
invasive attack
-
7/23/2019 Lecture11 Dpa
8/22
Simple Power Analysis
Focus on the use of visual inspection techniques to
identify relevant power fluctuations during
cryptographic operations
Interpretation of power traces
Power consumption measurements taken across a
cryptographic operation
Typically current used by a device over time
-
7/23/2019 Lecture11 Dpa
9/22
SPA DES tracesSPA trace showing an entire DES operation
SPA trace showing DES rounds 2 and 3
-
7/23/2019 Lecture11 Dpa
10/22
SPA DES trace showing differences in power
consumption of different microprocessor instructions
jump
no jump
-
7/23/2019 Lecture11 Dpa
11/22
SPA attack
SPA can reveal sequence of instructions executed
It can be use to break cryptographic implementations in
which the execution path depend on the data being
processed
DES key schedule
DES permutations
Comparisons
Multipliers
Exponentiators
-
7/23/2019 Lecture11 Dpa
12/22
Preventing SPA
In general, techniques to prevent SPA are
fairly simple.
Avoid procedures that use secret intermediatesor keys for conditional branching operations
Hard-wired implementations of symmetric
cryptography algorithms
-
7/23/2019 Lecture11 Dpa
13/22
Differential Power Analysis
Use of statistical analysis and error
correction techniques to extract information
correlated to secret keys
Based on the effects correlated to data
values being manipulated.
More powerful than SPA and is much more
difficult to prevent
-
7/23/2019 Lecture11 Dpa
14/22
DPA basic idea
Capture power traces T1...m[1...k] containing k samples each
Record the ciphertexts C1...m
Knowledge of plaintext is not required
DPA selection function D(C,b,Ks){0,1}
Compute k-sample differential trace D[1...k], where:
-
7/23/2019 Lecture11 Dpa
15/22
DPA against DES
DPA selection function D(C,b,Ks) is defined as: Returning the value of the DES intermediate L at the beginning of the 16th
(0
-
7/23/2019 Lecture11 Dpa
16/22
DPA traces for DES
Power reference
Correct Ks
Incorrect Ks
1000 samples
-
7/23/2019 Lecture11 Dpa
17/22
Quantitative DPA measurements
Reference power
consumption trace
Standard deviation
Differential trace
(m=104)
-
7/23/2019 Lecture11 Dpa
18/22
-
7/23/2019 Lecture11 Dpa
19/22
DPA against other algorithms
In general, DPA can be used to break any
symmetric or asymmetric algorithm
Public key algorithms (i.e. RSA)Asymmetric operations tend to produce stronger
signals leaking than symmetric ones
Reverse engineering using DPA
-
7/23/2019 Lecture11 Dpa
20/22
Preventing DPA
Reduce signals size
Introducing noise into power
consumption measurements
Designing cryptosystems with
realistic assumptions about the
underlying hardware.
Balanced HW and SW (i.e. leak tolerant design)
Incorporating randomness
Algorithm and protocol-level countermeasures
-
7/23/2019 Lecture11 Dpa
21/22
Take away
Power analysis techniques are of great concern:
multiple vulnerable devices, easy to implement, low
cost, and difficult to detect.
Systems must be designed with realistic assumptions
taking into account all the components (algorithms,
protocols, hardware, and software) and their
interactions.
-
7/23/2019 Lecture11 Dpa
22/22
Questions?