
A Tutorial on Physical Security and Side-Channel Attacks

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 3655)

Abstract

A recent branch of cryptography focuses on the physical constraints that a real-life cryptographic device must face, and attempts to exploit these constraints (running time, power consumption, ...) to expose the device's secrets. This gave birth to implementation-specific attacks, which often turned out to be much more efficient than the best known cryptanalytic attacks against the underlying primitive treated as an idealized object. This paper aims to provide a tutorial on the subject, giving an overview of the main kinds of attacks and highlighting their underlying principles.


References

  1. NSA tempest series. Available at http://cryptome.org/#NSA–TS

  2. Agrawal, D., Archambeault, B., Rao, J.R., Rohatgi, P.: The EM side channel. In: Kaliski, et al. (eds.) [38]

  3. Agrawal, D., Rao, J.R., Rohatgi, P.: Multi-channel attacks. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 2–16. Springer, Heidelberg (2003)

  4. Akkar, M.-L., Giraud, C.: An implementation of DES and AES, secure against some attacks. In: Koç, Ç.K., et al. (eds.) [16]

  5. Anderson, R., Kuhn, M.: Tamper resistance – a cautionary note. In: Proc. of the second USENIX workshop on electronic commerce, Oakland, California, November 18-21, pp. 1–11 (1996)

  6. Anderson, R., Kuhn, M.: Low cost attacks on tamper resistant devices. In: Christianson, B., Lomas, M. (eds.) Security Protocols 1997. LNCS, vol. 1361, pp. 125–136. Springer, Heidelberg (1998)

  7. Anderson, R.J.: Security engineering. Wiley & Sons, New York (2001)

  8. Bernstein, D.J.: Cache-timing attacks on AES (November 2004). Available at http://cr.yp.to/antiforgery/cachetiming-20050414.pdf

  9. Biham, E., Shamir, A.: Differential fault analysis of secret key cryptosystems. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 513–525. Springer, Heidelberg (1997)

  10. Blömer, J., Seifert, J.P.: Fault based cryptanalysis of the advanced encryption standard (AES). Cryptology ePrint Archive, Report 2002/075. Available at http://eprint.iacr.org

  11. Boneh, D. (ed.): CRYPTO 2003. LNCS, vol. 2729. Springer, Heidelberg (2003)

  12. Boneh, D., DeMillo, R.A., Lipton, R.J.: On the importance of checking cryptographic protocols for faults. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 37–51. Springer, Heidelberg (1997)

  13. Brier, E., Clavier, C., Olivier, F.: Correlation power analysis with a leakage model. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 16–29. Springer, Heidelberg (2004)

  14. Brier, E., Handschuh, H., Tymen, C.: Fast primitives for internal data scrambling in tamper resistant hardware. In: Koç, Ç.K., et al. (eds.) [16], pp. 16–27

  15. Canvel, B., Hiltgen, A., Vaudenay, S., Vuagnoux, M.: Password interception in a SSL/TLS channel. In: Boneh (ed.) [11]

  16. Koç, Ç.K., Naccache, D., Paar, C. (eds.): CHES 2001. LNCS, vol. 2162. Springer, Heidelberg (2001)

  17. Koç, Ç.K., Paar, C. (eds.): CHES 1999. LNCS, vol. 1717. Springer, Heidelberg (1999)

  18. Paar, C., Koç, Ç.K. (eds.): CHES 2000. LNCS, vol. 1965. Springer, Heidelberg (2000)

  19. Chari, S., Jutla, C., Rao, J., Rohatgi, P.: Towards sound approaches to counteract power-analysis attacks. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, p. 398. Springer, Heidelberg (1999)

  20. Chari, S., Rao, J.R., Rohatgi, P.: Template attacks. In: Kaliski, et al. (eds.) [38]

  21. Chevallier-Mames, B., Ciet, M., Joye, M.: Low-cost solutions for preventing simple side-channel analysis: Side-channel atomicity. IEEE Transactions on Computers 53(6) (2004)

  22. Clavier, C., Coron, J.S., Dabbous, N.: Differential power analysis in the presence of hardware countermeasures. In: Kaliski, et al. (eds.) [39]

  23. Compton, K., Hauck, S.: Reconfigurable computing: A survey of systems and software. ACM Computing Surveys 34(2) (2002)

  24. Coron, J.-S.: Resistance against differential power analysis for elliptic curves cryptosystems. In: Koç, Ç.K., Paar (eds.) [17]

  25. Dhem, J.-F., Koeune, F., Leroux, P.-A., Mestré, P., Quisquater, J.-J., Willems, J.-L.: A practical implementation of the timing attack. In: Schneier, B., Quisquater, J.-J. (eds.) CARDIS 1998. LNCS, vol. 1820. Springer, Heidelberg (2000)

  26. Gandolfi, K., Mourtel, C., Olivier, F.: Electromagnetic analysis: Concrete results. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 251–261. Springer, Heidelberg (2001)

  27. Golic, J.D.: DeKaRT: A new paradigm for key-dependent reversible circuits. In: Kaliski, et al. (eds.) [39], pp. 98–112

  28. Goubin, L., Patarin, J.: DES and differential power analysis: the duplication method. In: Koç, Ç.K., Paar (eds.) [17]

  29. Gutmann, P.: Secure deletion of data from magnetic and solid-state memory. In: Proc. of 6th USENIX Security Symposium, pp. 77–89 (1997)

  30. Gutmann, P.: Data remanence in semiconductor devices. In: Proc. of 7th USENIX Security Symposium (1998)

  31. Handschuh, H., Paillier, P., Stern, J.: Probing attacks on tamper-resistant devices. In: Koç, Ç.K., Paar (eds.) [17]

  32. Ishai, Y., Sahai, A., Wagner, D.: Private circuits: Securing hardware against probing attacks. In: Boneh (ed.) [11]

  33. Itoh, K., Yajima, J., Takenaka, M., Torii, N.: DPA countermeasures by improving the window method. In: Kaliski, B.S., et al. (eds.) [38]

  34. Izu, T., Takagi, T.: Fast parallel elliptic curve multiplications resistant to side channel attacks. In: Naccache, D., Paillier, P. (eds.) PKC 2002. LNCS, vol. 2274, pp. 335–345. Springer, Heidelberg (2002)

  35. Joshi, N., Wu, K., Karri, R.: Concurrent error detection schemes for involution ciphers. In: Koç, Ç.K., Paar, C. (eds.) [18], pp. 400–412

  36. Joye, M., Quisquater, J.-J.: Hessian elliptic curves and side-channel attacks. In: Koç, Ç.K., et al. (eds.) [16]

  37. Joye, M., Lenstra, A.K., Quisquater, J.-J.: Chinese remaindering based cryptosystems in the presence of faults. Journal of Cryptology 12(4), 241–245 (1999)

  38. Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.): CHES 2002. LNCS, vol. 2523. Springer, Heidelberg (2003)

  39. Kaliski, B.S., Koç, Ç.K., Paar, C. (eds.): Cryptographic Hardware and Embedded Systems - CHES 2003. LNCS, vol. 2779. Springer, Heidelberg (September 2003)

  40. Karpovsky, M., Kulikowski, K.J., Taubin, A.: Differential fault analysis attack resistant architectures for the advanced encryption standard. In: Proceedings of CARDIS 2004 (2004)

  41. Karri, R., Kuznetsov, G., Gössel, M.: Parity-based concurrent error detection of substitution-permutation network block ciphers. In: Kaliski, B.S., et al. (eds.) [39]

  42. Kocher, P.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)

  43. Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)

  44. Kömmerling, O., Kuhn, M.G.: Design principles for tamper-resistant smartcard processors. In: Proc. of USENIX Workshop on Smartcard Technology (Smartcard 1999) (1999)

  45. Mace, F., Standaert, F.-X., Hassoune, I., Legat, J.-D., Quisquater, J.-J.: A dynamic current mode logic to counteract power analysis attacks. In: Proceedings of DCIS (2004)

  46. Maher, D.P.: Fault induction attacks, tamper resistance, and hostile reverse engineering in perspective. In: Luby, M., Rolim, J.D.P., Serna, M. (eds.) FC 1997. LNCS, vol. 1318. Springer, Heidelberg (1997)

  47. Mangard, S.: Hardware countermeasures against DPA - a statistical analysis of their effectiveness. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 222–235. Springer, Heidelberg (2004)

  48. May, D., Muller, H., Smart, N.: Randomized register renaming to foil DPA. In: Koç, Ç.K., et al. (eds.) [16]

  49. Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of applied cryptography. CRC Press, Boca Raton (1997)

  50. Messerges, T.S., Dabbish, E.A., Sloan, R.H.: Investigations of power analysis attacks on smartcards. In: Proc. USENIX Workshop on Smartcard Technology (1999)

  51. Messerges, T.S.: Using second-order power analysis to attack DPA resistant software. In: Koç, Ç.K., Paar, C. (eds.) [18]

  52. Montgomery, P.L.: Modular multiplication without trial division. Mathematics of Computation 44(170), 519–521 (1985)

  53. National Bureau of Standards, FIPS 197, Advanced Encryption Standard, Federal Information Processing Standard, NIST, U.S. Dept. of Commerce (November 2001)

  54. National Bureau of Standards, FIPS PUB 46, The Data Encryption Standard, Federal Information Processing Standard, NIST, U.S. Dept. of Commerce (January 1977)

  55. Ors, S.B., Gurkaynak, F., Oswald, E., Preneel, B.: Power-analysis attack on an ASIC AES implementation. In: Proceedings of ITCC (2004)

  56. Quisquater, J.-J., Samyde, D.: Eddy current for magnetic analysis with active sensor. In: Proc. of Esmart 2002 (2002)

  57. Quisquater, J.-J., Koeune, F.: Side-channel attacks: state-of-the-art. CRYPTREC project deliverable (October 2002). Available at http://www.ipa.go.jp/security/enc/CRYPTREC/fy15/doc/1047_Side_Channel_report.pdf

  58. Quisquater, J.-J., Samyde, D.: A new tool for non-intrusive analysis of smart cards based on electro-magnetic emissions: the SEMA and DEMA methods. Eurocrypt rump session (2000)

  59. Quisquater, J.-J., Samyde, D.: Electromagnetic analysis (EMA): measures and countermeasures for smart cards. In: Attali, S., Jensen, T. (eds.) E-smart 2001. LNCS, vol. 2140, pp. 200–210. Springer, Heidelberg (2001)

  60. Rankl, W., Effing, W.: Smart card handbook. John Wiley & Sons, Chichester (1997)

  61. Rivest, R., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public key cryptosystems. Communications of the ACM 21(2), 120–126 (1978)

  62. Schindler, W.: Optimized timing attacks against public key cryptosystems. Statistics & Decisions (2000) (to appear)

  63. Schindler, W., Quisquater, J.-J., Koeune, F.: Improving divide and conquer attacks against cryptosystems by better error detection correction strategies. In: Honary, B. (ed.) Cryptography and Coding 2001. LNCS, vol. 2260, pp. 245–267. Springer, Heidelberg (2001)

  64. Shamir, A.: How to check modular exponentiation. Presented at the rump session of EUROCRYPT 1997, Konstanz, Germany

  65. Shamir, A.: Protecting smart cards from passive power analysis with detached power supplies. In: Koç, Ç.K., Paar, C. (eds.) [18]

  66. Skorobogatov, S., Anderson, R.: Optical fault induction attacks. In: Kaliski, B.S., et al. (eds.) [38]

  67. Standaert, F.-X., Ors, S.B., Preneel, B.: Power analysis of an FPGA implementation of Rijndael: is pipelining a DPA countermeasure? In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 30–44. Springer, Heidelberg (2004)

  68. Standaert, F.-X., Ors, S.B., Quisquater, J.-J., Preneel, B.: Power analysis attacks against FPGA implementations of the DES. In: Becker, J., Platzner, M., Vernalde, S. (eds.) FPL 2004. LNCS, vol. 3203, pp. 84–94. Springer, Heidelberg (2004)

  69. Bar-El, H., et al.: The sorcerer's apprentice guide to fault attacks. Tech. Report 2004/100, IACR ePrint archive (2004). Available at http://eprint.iacr.org

  70. Tiri, K., Akmal, M., Verbauwhede, I.: A dynamic and differential CMOS logic with signal independent power consumption to withstand differential power analysis on smart cards. In: Proceedings of ESSCIRC (2003)

  71. Waddle, J., Wagner, D.: Towards efficient second-order power analysis. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 1–15. Springer, Heidelberg (2004)

  72. Waddle, J.D., Wagner, D.A.: Fault attacks on dual-rail encoded systems. Tech. Report UCB//CSD-04-1347, UC Berkeley, August 23 (2004)

© 2005 Springer-Verlag Berlin Heidelberg

Cite this chapter

Koeune, F., Standaert, F.-X. (2005). A Tutorial on Physical Security and Side-Channel Attacks. In: Aldini, A., Gorrieri, R., Martinelli, F. (eds.) Foundations of Security Analysis and Design III. FOSAD 2004/2005. Lecture Notes in Computer Science, vol. 3655. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11554578_3
  • DOI: https://doi.org/10.1007/11554578_3

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-28955-5

  • Online ISBN: 978-3-540-31936-8
