Skip to main content
Springer Nature Link
Log in

Power Analysis of Atmel CryptoMemory – Recovering Keys from Secure EEPROMs

  • Conference paper
Topics in Cryptology – CT-RSA 2012 (CT-RSA 2012)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7178))

Included in the following conference series:

  • 1815 Accesses

Abstract

Atmel CryptoMemory devices offer non-volatile memory with access control and authenticated encryption. They are used in commercial and military applications e.g. to prevent counterfeiting, to store secrets such as biometric data and cryptographic keys, and in electronic payment systems. Atmel advertises the devices as “secure against all the most sophisticated attacks, [...] including physical attacks”. We developed a successful power analysis attack on the authentication step of CryptoMemory devices. Despite the physical security claims by Atmel we found that the devices are not protected against power analysis attacks, except for counters that limit the number of (failed) authentication attempts, and thus power traces, to at most three. We examined the handling of these counters and discovered a flaw that allows us to bypass them, and to obtain power traces from an unlimited number of failed authentication attempts. Our attacks need as few as 100 power traces to recover the secret 64-bit authentication keys. From measurements to full key extraction, the attacks can be carried out in less than 20 minutes on a standard laptop. Once the keys are known, an adversary can read protected contents, clone devices, and manipulate the memory at will, e.g. to set the balance of an electronic wallet. To our knowledge, this is the first power analysis attack on Atmel CryptoMemory products reported in the literature.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. AT88SC0204 ChipResetter, http://chipreset.atw.hu/6/index61.html

  2. Coinamatic, http://www.coinamatic.com

  3. ISO/IEC 7816-3: Identification cards - integrated circuit(s) cards with contacts - part 3: Electronic signals and transmission protocols (1997)

    Google Scholar 

  4. Labgear HDSR300 High Definition Satellite Receiver. User Guide, http://www.free-instruction-manuals.com/pdf/p4789564.pdf

  5. Anderson, D.: Understanding CryptoMemory - The World’s Only Secure Serial EEPROM, http://www.atmel.com/atmel/acrobat/doc5064.pdf

  6. Atmel. CryptoMemory features, http://www.atmel.com/microsite_cryptomemory/iwe/index.html?source=tout_other2

  7. Atmel. CryptoMemory Specification, http://www.atmel.com/atmel/acrobat/doc5211.pdf

  8. Atmel. CryptoMemory Powerful Security at Low Cost, http://www.atmel.com/atmel/acrobat/doc5259.pdf

  9. Atmel. CryptoRF Specification, http://www.atmel.com/atmel/acrobat/doc5276.pdf

  10. Atmel. News Release, http://www.cryptomemorykey.com/pdfs/AtmelPR.pdf

  11. Atmel. Secure Memory with Authentication AT88SC153, http://www.atmel.com/atmel/acrobat/doc1016.pdf

  12. Atmel. Secure Memory with Authentication AT88SC1608, http://www.atmel.com/atmel/acrobat/doc0971.pdf

  13. Atmel Corporation. Plug-and-Play Crypto Chip for Host-Side Security, http://www.atmel.com/dyn/corporate/view_detail.asp?ref=&FileName=Cryptocompanion_2_26.html&SEC_NAME=Product

  14. Benhammou, J.P., Jarboe, M.: Security at an affordable price. Atmel Applications Journal, 29–30 (2004)

    Google Scholar 

  15. Biryukov, A., Kizhvatov, I., Zhang, B.: Cryptanalysis of the Atmel Cipher in SecureMemory, CryptoMemory and CryptoRF. In: Lopez, J., Tsudik, G. (eds.) ACNS 2011. LNCS, vol. 6715, pp. 91–109. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  16. Bogdanov, A.: Linear Slide Attacks on the KeeLoq Block Cipher. In: Pei, D., Yung, M., Lin, D., Wu, C. (eds.) Inscrypt 2007. LNCS, vol. 4990, pp. 66–80. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  17. Brier, E., Clavier, C., Olivier, F.: Correlation Power Analysis with a Leakage Model. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 16–29. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  18. Chari, S., Rao, J.R., Rohatgi, P.: Template Attacks. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 13–28. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  19. Eisenbarth, T., Kasper, T., Moradi, A., Paar, C., Salmasizadeh, M., Shalmani, M.T.M.: On the Power of Power Analysis in the Real World: A Complete Break of the KeeLoq Code Hopping Scheme. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 203–220. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  20. Garcia, F.D., de Koning Gans, G., Muijrers, R., van Rossum, P., Verdult, R., Schreur, R.W., Jacobs, B.: Dismantling MIFARE Classic. In: Jajodia, S., Lopez, J. (eds.) ESORICS 2008. LNCS, vol. 5283, pp. 97–114. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  21. Garcia, F.D., van Rossum, P., Verdult, R., Schreur, R.W.: Dismantling SecureMemory, CryptoMemory and CryptoRF. In: Keromytis, A., Shmatikov, V. (eds.) Proceedings of ACM CCS 2010, pp. 250–259. ACM Press (2010)

    Google Scholar 

  22. Kasper, M., Kasper, T., Moradi, A., Paar, C.: Breaking KeeLoq in a Flash: On Extracting Keys at Lightning Speed. In: Preneel, B. (ed.) AFRICACRYPT 2009. LNCS, vol. 5580, pp. 403–420. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  23. Kocher, P.C., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  24. Lee, J., Pahl, N.: Bypassing Smart-Card Authentication and Blocking Debiting: Vulnerabilities in Atmel CryptoMemory based Stored-Value Systems. DEFCON 18 (2010)

    Google Scholar 

  25. Messerges, T.: Power analysis attack countermeasures and their weaknesses. In: CEPS Workshop (2000)

    Google Scholar 

  26. Moradi, A., Barenghi, A., Kasper, T., Paar, C.: On the Vulnerability of FPGA Bitstream Encryption against Power Analysis Attacks Extracting Keys from Xilinx Virtex-II FPGAs. In: Danezis, G., Shmatikov, V. (eds.) Proceedings of ACM CCS 2011, pp. 111–124. ACM Press (2011)

    Google Scholar 

  27. Nohl, K., Evans, D., Starbug, Plötz, H.: Reverse-engineering a cryptographic RFID tag. In: Proceedings of USENIX 2008, pp. 185–193. USENIX Association (2008)

    Google Scholar 

  28. NVIDIA. Checklist for Building a PC that Plays HD DVD or Blu-ray Movies, ftp://download.nvidia.com/downloads/pvzone/Checklist_for_Building_a_HDPC.pdf

  29. Oswald, D., Paar, C.: Breaking Mifare DESFire MF3ICD40: Power Analysis and Templates in the Real World. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 207–222. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  30. Hearst Electronic Products. Microsoft Zune HD 16GB, what’s inside, http://www2.electronicproducts.com/Microsoft_Zune_HD_16GB-whatsinside_text-89.aspx

  31. Tektronix. DPO7000C Oscilloscope Series, http://www.tek.com/products/oscilloscopes/dpo7000/

  32. Viksler, H.: Web Laundry (In)Security, http://ihackiam.blogspot.com/2010/09/web-laundry-insecurity.html

  33. Xilinx. XUP Virtex-II Pro Development System User Manual, http://www.xilinx.com/univ/XUPV2P/Documentation/ug069.pdf

Download references

Author information

Authors and Affiliations

  1. ESAT/COSIC and IBBT, K.U.Leuven, Kasteelpark Arenberg 10, 3001, Leuven-Heverlee, Belgium

    Josep Balasch, Benedikt Gierlichs, Lejla Batina & Ingrid Verbauwhede

  2. ICIS/Digital Security Group, Radboud University Nijmegen, Heyendaalseweg 135, 6525, AJ, Nijmegen, The Netherlands

    Roel Verdult & Lejla Batina

Authors
  1. Josep Balasch
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Benedikt Gierlichs
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Roel Verdult
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Lejla Batina
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Ingrid Verbauwhede
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Computer Science Department, University of Haifa, 31905, Haifa, Israel

    Orr Dunkelman

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Balasch, J., Gierlichs, B., Verdult, R., Batina, L., Verbauwhede, I. (2012). Power Analysis of Atmel CryptoMemory – Recovering Keys from Secure EEPROMs. In: Dunkelman, O. (eds) Topics in Cryptology – CT-RSA 2012. CT-RSA 2012. Lecture Notes in Computer Science, vol 7178. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-27954-6_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-27954-6_2

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-27953-9

  • Online ISBN: 978-3-642-27954-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics