Single-Trace Template Attack on the DES Round Keys of a Recent Smart Card

A new template attack on the DES key scheduling is demonstrated that allows recovery of a sufficiently large portion of the DES key of a recent and widely deployed smart card chip with a single EM (electromagnetic) trace during the Exploitation Phase. Depending on the use case, the remainder of the key may then be found with reasonable brute-force effort on a PC. Remaining entropies as low as ≈ 19 bits have been found for some single-trace attacks, meaning that effectively 37 bits were recovered in a single trace. Because the attack needs only a single trace, conventional software countermeasures are rendered useless by it, and thus the only remaining remedy is a hardware redesign.
