Abstract
In this paper, we present an examination of several side-channel attack scenarios on PC-based cryptosystems. Our goal was the development of a unified physical model for sensitive information leakage. The main focus of our work was electromagnetic side channels since signals with high signal-to-noise ratio (SNR) can be more conveniently captured. Moreover, the attacker can make correlations of the EM signal with other types of side-channel signals (such as voltage fluctuations and acoustic emanations). It shows that there may be a common source for a vulnerable signal that passes through several sides channels. We have simulated several attacks on targeted cryptosystems with distinct instruction sets. Trace analysis reveals empirical evidence. which corresponds to the theoretical principles of the mechanisms x86 and x64 processors. Hardware reasons for leakage come from the instructions and data in the processor cache, to be specific, from the fluctuations of power consumption, leading to changes in the voltage regulator of the processor. Thus, the fluctuations in LC circuits result in leakage on multiple side channels. In general, the obtained data together with the principles of signal formation can be used in vulnerability testing, which can examine side-channel robustness of cryptographic software on the first steps of development.
Similar content being viewed by others
References
Genkin, D., Shamir, A., Tromer, E.: RSA key extraction via low-bandwidth acoustic cryptanalysis (extended version). In: IACR Cryptology ePrint Archive, 2013:857 (2013)
Genkin, D., Pipman, I., Tromer, E.: Get your hands off my laptop: physical side-channel key-extraction attacks on PCs. In: CHES, pp. 242–260 (2014)
Genkin, D., Pachmanov, L., Pipman, I., Tromer, E,: Stealing keys from PCs by radio: cheap electromagnetic attacks on windowed exponentiation. In: IACR Cryptology ePrint Archive, 2015:170 (2015)
Kocher, P.C., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, p. 388. Springer, Heidelberg (1999)
Nicolaescu, D., Veidenbaum, A., Nicolau, A.: Reducing data cache energy consumption via cached load/store queue. In: Proceedings of the 9th international symposium on low power electronics and design (ISLPED’03), Seoul (Corea) (2003)
Coppersmith, D.: Small solutions to polynomial equations, and low exponent RSA vulnerabilities. J. Cryptolo. 10(4), 233–260 (1997)
Intel. Intel 64 and IA-32 Architectures Optimization Reference Manual. http://www.intel.com/content/www/us/en/processors/architectures-software-developer-manuals.html
Fog, A.: Instruction tables: lists of instruction latencies, throughputs and micro-operation breakdowns for Intel, AMD and VIA CPUs. http://www.agner.org/optimize/
Cachegrind: a cache and branch-prediction profiler. http://valgrind.org/docs/manual/cg-manual.html
Acknowledgements
Funding was provided by Russian Science Foundation (RU) (Grant No. 19-19-00566).
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Appendix: Sample generator
Appendix: Sample generator
Rights and permissions
About this article
Cite this article
Levina, A., Mostovoi, R., Sleptsova, D. et al. Physical model of sensitive data leakage from PC-based cryptographic systems. J Cryptogr Eng 9, 393–400 (2019). https://doi.org/10.1007/s13389-019-00215-5
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s13389-019-00215-5