Power Analysis for Secret Recovering and Reverse Engineering of Public Key Algorithms

Power analysis has been studied in depth since 1998 in order to improve the security of tamper-resistant products such as the Trusted Platform Module (TPM). The study has evolved from initial basic techniques like simple and differential power analysis to more complex models such as correlation. However, work on correlation techniques has essentially focused on symmetric cryptography. We analyze here the benefits of this technique when applied to different smartcard coprocessors dedicated to asymmetric cryptography implementations. This study leads us to discover and carry out new attacks on RSA- and ECC-type algorithms with fewer curves than classical attacks. We also present how correlation analysis is a powerful tool to reverse engineer asymmetric implementations.
