Smart Card Security: Power Analysis Attacks

Greg Kish

Rob Rex

Jamie Walls

Overview

• Introduction

• Background– What is a Smart Card – Evolution– Attacks

• Power Analysis

• Conclusion

Background

• What is a ‘smart card’?– vs. dumb cards– Why smart cards?

• Applications

• Physical Characteristics– At a glance– ISO 7816-2:1988

Evolution

• Embossed numbers and cardholder’s name

• Signature field

• Magnetic stripe

• Hologram

• Internet fraud

• Smart card

Attacks

• Invasive– Physically breaking the card

• Non-Invasive– Glitching– Malicious applets– Power analysis

Simple Power Analysis

• Gathering the data– How?– What does it mean?

• Hamming weight leakage

• Transition count

• Breaking DES

Simple Power Analysis

• Gathering the data– How?– What does it mean?

• Hamming weight leakage

• Transition count

• Breaking DES

Differential Power Analysis

• Why not keep it simple?

• How its done– Attack in pieces– Only 26 choices per Sbox

Noise

• Noise– 4 types of noise

• External

• Intrinsic

• Quantizational

• Algorithmic

Defenses

• Ineffective– Add Noise– Change execution order

• Promising advances– Random calculations– Hardware research

Conclusion

• This is important!– Smart cards are convenient & powerful– Limited by their safety

• Power Analysis– Information can only be hidden