Power analysis attacks on wireless sensor nodes using CPU smart card

In wireless sensor networks (WSN), CPU smart cards can be used as crypto accelerators and temper-resistant storages to improve security. But Side Channel Attacks (SCA) can bypass temper-resistant mechanisms and recover the confidential information without being detected. In this work, a typical black-box Side Channel Attack (SCA) on a real-life 32-Bit CPU smart card against Triple Data Encryption Standard (3DES) is successfully conducted, and the whole 112 key bits of 3DES are recovered with moderate effort which is around 80,000 power traces. Our result highlights that SCA is a practical threat in the security of WSN, and proper countermeasures against SCA should be used.

[1]  Jean-Louis Lacoume,et al.  Noise Reduction in Side Channel Attack Using Fourth-Order Cumulant , 2007, IEEE Transactions on Information Forensics and Security.

[2]  Stefan Mangard,et al.  Power analysis attacks - revealing the secrets of smart cards , 2007 .

[3]  Christof Paar,et al.  Black-Box Side-Channel Attacks Highlight the Importance of Countermeasures - An Analysis of the Xilinx Virtex-4 and Virtex-5 Bitstream Encryption Mechanism , 2012, CT-RSA.

[4]  Li Xiao,et al.  Securing Sensor Nodes Against Side Channel Attacks , 2008, 2008 11th IEEE High Assurance Systems Engineering Symposium.

[5]  François-Xavier Standaert,et al.  Stealthy Compromise of Wireless Sensor Nodes with Power Analysis Attacks , 2010, MOBILIGHT.

[6]  Christof Paar,et al.  Breaking Mifare DESFire MF3ICD40: Power Analysis and Templates in the Real World , 2011, CHES.

[7]  Martin Feldhofer,et al.  Evaluation of Side-Channel Preprocessing Techniques on Cryptographic-Enabled HF and UHF RFID-Tag Prototypes , 2008 .

[8]  Christophe Clavier,et al.  Correlation Power Analysis with a Leakage Model , 2004, CHES.

[9]  Christophe Clavier,et al.  Differential Power Analysis in the Presence of Hardware Countermeasures , 2000, CHES.

[10]  Christof Paar,et al.  On the Power of Power Analysis in the Real World: A Complete Break of the KeeLoqCode Hopping Scheme , 2008, CRYPTO.

[11]  Jasper G. J. van Woudenberg,et al.  Improving Differential Power Analysis by Elastic Alignment , 2011, CT-RSA.

[12]  Xavier Charvet,et al.  Improving the DPA attack using Wavelet transform ∗ , 2005 .

[13]  Frantisek Zboril,et al.  Agent Platform for Wireless Sensor Network with Support for Cryptographic Protocols , 2009, J. Univers. Comput. Sci..

[14]  Tetsu Iwata,et al.  Side Channel Attacks on Message Authentication Codes , 2005, ESAS.

[15]  Paul C. Kocher,et al.  Differential Power Analysis , 1999, CRYPTO.