论文信息 - Side-Channel Analysis

Side-Channel Analysis

Electronic devices have to comply with consumption constraints especially on autonomous equipments, like mobile phones. Power analysis has been included into most certification processes regarding products dealing with information security such as smart cards. The electrical consumption of any electronic device can be measured with a resistor inserted between the ground or Vcc pins and the actual ground in order to transform the supplied current into a voltage easily monitored with an oscilloscope. Within a micro-controller the peripherals consume differently. For instance writing into non-volatile memory requires more energy than reading. Certain chips for smart cards enclose a crypto-processor, i.e., a particular device dedicated to specific cryptographic operations, which generally entails a consumption increase. The consumption trace of a program running inside a microcontroller or a microprocessor is full of information. The signal analysis may disclose lots of things about the used resources or about the process itself. This illustrates the notion of side channel as a source of additional information. Basically a power consumption trace exhibits large scale patterns most often related to the structure of the executed code. The picture below (Fig. 1) shows the power trace of a smart-card chip ciphering a message with the Advanced Encryption Standard (AES). The ten rounds are easily recognised with nine almost regular patterns first followed by a shorter one.

Marc Joye | Francis Olivier

[1] Paul C. Kocher,et al. Differential Power Analysis , 1999, CRYPTO.

[2] Pankaj Rohatgi,et al. Towards Sound Approaches to Counteract Power-Analysis Attacks , 1999, CRYPTO.

[3] Paul C. Kocher,et al. Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems , 1996, CRYPTO.

[4] Thomas S. Messerges,et al. Using Second-Order Power Analysis to Attack DPA Resistant Software , 2000, CHES.

[5] Peter K. Pearson,et al. IPA: A New Class of Power Attacks , 1999, CHES.

[6] Robert H. Sloan,et al. Examining Smart-Card Security under the Threat of Power Analysis Attacks , 2002, IEEE Trans. Computers.

[7] Francis Olivier,et al. Electromagnetic Analysis: Concrete Results , 2001, CHES.

[8] Jean-Sébastien Coron,et al. Statistics and secret leakage , 2000, TECS.