On Comparing Side-Channel Preprocessing Techniques for Attacking RFID Devices

Security-enabled RFID tags are becoming increasingly important and integrated into our daily lives. While the tags implement cryptographic algorithms that are secure in a mathematical sense, their implementations are susceptible to attacks: physical side channels leak information about the processed secrets. This article focuses on the practical analysis of electromagnetic (EM) side channels and evaluates different preprocessing techniques for improving attack performance. In particular, we have applied filtering and EM trace-integration techniques as well as Differential Frequency Analysis (DFA) to extract the secret key. We have investigated HF and UHF tag prototypes that run a randomized AES implementation in software. Our experiments prove the applicability of different preprocessing techniques in a practical case study and demonstrate their efficiency on RFID devices. The results show that randomization as a countermeasure against side-channel attacks might be insufficient protection for RFID tags and has to be combined with other proven countermeasure approaches.
