Stuart, Kish y Sutton - Principles of Bloodstain Pattern Analysis
Smart Card Security: Power Analysis Attacks Greg Kish Rob Rex Jamie Walls.
-
Upload
gillian-bryant -
Category
Documents
-
view
213 -
download
0
Transcript of Smart Card Security: Power Analysis Attacks Greg Kish Rob Rex Jamie Walls.
![Page 1: Smart Card Security: Power Analysis Attacks Greg Kish Rob Rex Jamie Walls.](https://reader035.fdocuments.us/reader035/viewer/2022071806/56649f525503460f94c76b09/html5/thumbnails/1.jpg)
Smart Card Security: Power Analysis Attacks
Greg Kish
Rob Rex
Jamie Walls
![Page 2: Smart Card Security: Power Analysis Attacks Greg Kish Rob Rex Jamie Walls.](https://reader035.fdocuments.us/reader035/viewer/2022071806/56649f525503460f94c76b09/html5/thumbnails/2.jpg)
Overview
• Introduction
• Background– What is a Smart Card – Evolution– Attacks
• Power Analysis
• Conclusion
![Page 3: Smart Card Security: Power Analysis Attacks Greg Kish Rob Rex Jamie Walls.](https://reader035.fdocuments.us/reader035/viewer/2022071806/56649f525503460f94c76b09/html5/thumbnails/3.jpg)
Background
• What is a ‘smart card’?– vs. dumb cards– Why smart cards?
• Applications
• Physical Characteristics– At a glance– ISO 7816-2:1988
![Page 4: Smart Card Security: Power Analysis Attacks Greg Kish Rob Rex Jamie Walls.](https://reader035.fdocuments.us/reader035/viewer/2022071806/56649f525503460f94c76b09/html5/thumbnails/4.jpg)
Evolution
• Embossed numbers and cardholder’s name
• Signature field
• Magnetic stripe
• Hologram
• Internet fraud
• Smart card
![Page 5: Smart Card Security: Power Analysis Attacks Greg Kish Rob Rex Jamie Walls.](https://reader035.fdocuments.us/reader035/viewer/2022071806/56649f525503460f94c76b09/html5/thumbnails/5.jpg)
Attacks
• Invasive– Physically breaking the card
• Non-Invasive– Glitching– Malicious applets– Power analysis
![Page 6: Smart Card Security: Power Analysis Attacks Greg Kish Rob Rex Jamie Walls.](https://reader035.fdocuments.us/reader035/viewer/2022071806/56649f525503460f94c76b09/html5/thumbnails/6.jpg)
Simple Power Analysis
• Gathering the data– How?– What does it mean?
• Hamming weight leakage
• Transition count
• Breaking DES
![Page 7: Smart Card Security: Power Analysis Attacks Greg Kish Rob Rex Jamie Walls.](https://reader035.fdocuments.us/reader035/viewer/2022071806/56649f525503460f94c76b09/html5/thumbnails/7.jpg)
![Page 8: Smart Card Security: Power Analysis Attacks Greg Kish Rob Rex Jamie Walls.](https://reader035.fdocuments.us/reader035/viewer/2022071806/56649f525503460f94c76b09/html5/thumbnails/8.jpg)
Simple Power Analysis
• Gathering the data– How?– What does it mean?
• Hamming weight leakage
• Transition count
• Breaking DES
![Page 9: Smart Card Security: Power Analysis Attacks Greg Kish Rob Rex Jamie Walls.](https://reader035.fdocuments.us/reader035/viewer/2022071806/56649f525503460f94c76b09/html5/thumbnails/9.jpg)
Differential Power Analysis
• Why not keep it simple?
• How its done– Attack in pieces– Only 26 choices per Sbox
![Page 10: Smart Card Security: Power Analysis Attacks Greg Kish Rob Rex Jamie Walls.](https://reader035.fdocuments.us/reader035/viewer/2022071806/56649f525503460f94c76b09/html5/thumbnails/10.jpg)
![Page 11: Smart Card Security: Power Analysis Attacks Greg Kish Rob Rex Jamie Walls.](https://reader035.fdocuments.us/reader035/viewer/2022071806/56649f525503460f94c76b09/html5/thumbnails/11.jpg)
Noise
• Noise– 4 types of noise
• External
• Intrinsic
• Quantizational
• Algorithmic
![Page 12: Smart Card Security: Power Analysis Attacks Greg Kish Rob Rex Jamie Walls.](https://reader035.fdocuments.us/reader035/viewer/2022071806/56649f525503460f94c76b09/html5/thumbnails/12.jpg)
Defenses
• Ineffective– Add Noise– Change execution order
• Promising advances– Random calculations– Hardware research
![Page 13: Smart Card Security: Power Analysis Attacks Greg Kish Rob Rex Jamie Walls.](https://reader035.fdocuments.us/reader035/viewer/2022071806/56649f525503460f94c76b09/html5/thumbnails/13.jpg)
Conclusion
• This is important!– Smart cards are convenient & powerful– Limited by their safety
• Power Analysis– Information can only be hidden