Power analysis attacks on the AES-128 S-box using differential power analysis (DPA) and correlation power analysis (CPA)

ABSTRACT This article demonstrates two fundamental techniques of power analysis, differential power analysis (DPA) and correlation power analysis (CPA), against a modern piece of hardware that is widely available to the public: the Arduino Uno microcontroller. The DPA attack we implement is referred to as the Difference of Means attack, while the CPA attack is implemented by building a power model of the device using the Hamming Weight Power Model method. The cryptographic algorithm we have chosen to attack is AES-128. In particular, the AddRoundKey and SubBytes functions of this algorithm are implemented on an Arduino Uno, and we demonstrate how the full 16-byte cipher key can be deduced using the two techniques by monitoring the power consumption of the device during cryptographic operations. Our experimental results show that both forms of attack, DPA and CPA, are viable against the Arduino Uno. However, it was found that CPA produces results which are easier to interpret from an analytical perspective. Thus, our contribution in this article is a side-by-side comparison of how applicable these two power analysis attack techniques are, together with a methodology that enables readers to replicate and learn how one may perform such attacks on their own hardware.
