Abstract
This paper presents radiation mechanism behind Electromagnetic Analysis (EMA) from remote locations. It has been widely known that electromagnetic radiation from a cryptographic chip could be exploited to conduct side-channel attacks, yet the mechanism behind the radiation has not been intensively studied. In this paper, the mechanism is explained from the view point of Electromagnetic Compatibility (EMC): electric fluctuation released from a cryptographic chip can conduct to peripheral circuits based on ground bounce, resulting in radiation. We demonstrate the consequence of the mechanism through experiments. For this purpose, Simple Electromagnetic Analysis (SEMA) and Differential Electromagnetic Analysis (DEMA) are conducted on FPGA implementations of RSA and AES, respectively. In the experiments, radiation from power and communication cables attached to the FPGA platform is measured. The result indicates, the information leakage can extend beyond security boundaries through such cables, even if the module implements countermeasures against invasive attacks to deny access at its boundary. We conclude that the proposed mechanism can be used to predict circuit components that cause information leakage. We also discuss advanced attacks and noise suppression technologies as countermeasures.
This is a preview of subscription content, log in via an institution to check access.
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Kocher, P., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)
Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks: Revealing the Secrets of Smart Cards. Springer, Heidelberg (2007)
Anderson, R., Bond, M., Clulow, J., Skorobogatov, S.: Cryptographic Processors-A Survey. Proceedings of the IEEE 94(2), 357–369 (2006)
Quisquater, J.-J., Samyde, D.: ElectroMagnetic Analysis (EMA): Measures and Countermeasures for Smart Cards. In: Proceedings of E-smart (September 2001)
Grandolfi, K., Mourtel, C., Olivier, F.: Electromagnetic Analysis: Concrete Results. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 251–261. Springer, Heidelberg (2001)
Agrawal, D., Archambeault, B., Rao, J.R., Rohatgi, P.: The EM Side-Channel(s). In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 29–45. Springer, Heidelberg (2003)
Kim, C., Schlaffer, M., Moon, S.: Differential Side Channel Analysis Attacks on FPGA Implementations of ARIA. ETRI Journal. 30(2), 315–325 (2008)
Suzuki, D., Saeki, M., Ichikawa, T.: DPA Leakage Models for CMOS Logic Circuits. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 366–382. Springer, Heidelberg (2005)
Peeters, E., Standaert, F.-X., Quisquater, J.-J.: Power and Electromagnetic Analysis: Improved Model, Consequences and Comparisons. Integration, the VLSI Journal 40(1), 52–60 (2007)
Sudo, T., Sasaki, H., Masuda, N., Drewniak, J.: Electromagnetic Interference (EMI) of System-on-Package (SOP). IEEE Transactions on Advanced Packaging 27(2), 304–314 (2004)
Yang, Y., Brews, J.R.: Design Trade-offs for the Last Stage of an Unregulated, Long-channel CMOS Off-chip Driver with Simultaneous Switching Noise and Switching Time Considerations, Components, Packaging, and Manufacturing Technology, Part B. IEEE Transactions on Advanced Packaging 19(3), 481–486 (1996)
Drewniak, J., Sha, F., Van Doren, T., Hubing, T., Shaw, J.: Diagnosing and Modeling Common-mode Radiation from Printed Circuit Boards with Attached Cables. In: Proceedings of the 1995 IEEE International Symposium on Electromagnetic Compatibility, pp. 465–470 (1995)
Hockanson, D., Drewniak, J., Hubing, T., Van Doren, T., Sha, F., Wilhelm, M.: Investigation of Fundamental EMI Source Mechanisms Driving Common-mode Radiation from Printed Circuit Boards with Attached Cables. IEEE Trans. Electromagn. Compat. 38(4), 557–566 (1996)
Paul, C.R.: Introduction to Electromagnetic Compatibility (Wiley Series in Microwave and Optical Engineering). Wiley Interscience, Hoboken (2006)
Side-channel Attack Standard Evaluation Board (SASEBO), http://www.rcis.aist.go.jp/special/SASEBO/
AOR, LA380 Wideband Active Loop Antenna, http://www.aorusa.com/la380.html
Fischer Custom Communications, Inc., F-2000 Current Probe, http://www.fischercc.com/Quadrary-Pages/Current-Probes/F-2000.htm
Homma, N., Nagashima, S., Imai, Y., Aoki, T., Satoh, A.: High-resolution Side-Channel Attack Using Phase-Based Waveform Matching. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 187–200. Springer, Heidelberg (2006)
Cryptographic Hardware Project, Computer Structures Laboratory, Graduate School of Information Sciences, Tohoku University, http://www.aoki.ecei.tohoku.ac.jp/crypto/
Miyamoto, A., Homma, N., Aoki, T., Satoh, A.: Chosen-Message SPA Attacks Against FPGA-Based RSA Hardware Implementation. In: Proceedings of the International Conference on Field Programmable Logic and Applications (FPL 2008), pp.35–40 (September 2008)
Brier, E., Clavier, C., Olivier, F.: Correlation Power Analysis with a Leakage Model. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 16–29. Springer, Heidelberg (2004)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Sugawara, T. et al. (2009). Mechanism behind Information Leakage in Electromagnetic Analysis of Cryptographic Modules. In: Youm, H.Y., Yung, M. (eds) Information Security Applications. WISA 2009. Lecture Notes in Computer Science, vol 5932. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-10838-9_6
Download citation
DOI: https://doi.org/10.1007/978-3-642-10838-9_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-10837-2
Online ISBN: 978-3-642-10838-9
eBook Packages: Computer ScienceComputer Science (R0)