paul kocher, joshua jaffe, and benjamin jun cryptography
![Page 1: Paul Kocher, Joshua Jaffe, and Benjamin Jun Cryptography](https://reader035.vdocument.in/reader035/viewer/2022062615/62b693ef0400b8408f20be69/html5/thumbnails/1.jpg)
Differential Power Analysis
Paul Kocher, Joshua Jaffe, and Benjamin Jun
Cryptography Research, Inc.
presented by Italo Dacosta
![Page 2: Paul Kocher, Joshua Jaffe, and Benjamin Jun Cryptography](https://reader035.vdocument.in/reader035/viewer/2022062615/62b693ef0400b8408f20be69/html5/thumbnails/2.jpg)
Tamper resistant devices
• Tamper resistant microprocessors
– Store and process private or sensitive information
– The private information cannot be extracted
• Smart Cards
– “Self-contained microcontroller, with a microprocessor, memory and a serial interface integrated on to a single chip that is packaged in a plastic card”
– Used in banking applications, mobile phones, pay TV, etc.
![Page 3: Paul Kocher, Joshua Jaffe, and Benjamin Jun Cryptography](https://reader035.vdocument.in/reader035/viewer/2022062615/62b693ef0400b8408f20be69/html5/thumbnails/3.jpg)
Designing a secure smart card
• Several people involved with different assumptions
– Algorithm designers
– Protocol designers
– Software developers
– Hardware engineers
![Page 4: Paul Kocher, Joshua Jaffe, and Benjamin Jun Cryptography](https://reader035.vdocument.in/reader035/viewer/2022062615/62b693ef0400b8408f20be69/html5/thumbnails/4.jpg)
Algorithm designer assumption
from “Introduction to Differential Power Analysis and Related Attacks” by P. Kocher et al., Cryptography Research
• Typically, the algorithm is evaluated in isolation
– Differential cryptanalysis
– Linear cryptanalysis
![Page 5: Paul Kocher, Joshua Jaffe, and Benjamin Jun Cryptography](https://reader035.vdocument.in/reader035/viewer/2022062615/62b693ef0400b8408f20be69/html5/thumbnails/5.jpg)
Reality!
from “Introduction to Differential Power Analysis and Related Attacks” by P. Kocher et al., Cryptography Research
![Page 6: Paul Kocher, Joshua Jaffe, and Benjamin Jun Cryptography](https://reader035.vdocument.in/reader035/viewer/2022062615/62b693ef0400b8408f20be69/html5/thumbnails/6.jpg)
Reality – Side Channel Attacks
• “A correct implementation of a strong protocol is not necessarily secure”
• Failures can be caused by:
– Defective computation
• D. Boneh, R. A. DeMillo, and R. J. Lipton, On the importance of checking cryptographic protocols for faults, EUROCRYPT '97
– Information leaked during secret key operations
– Timing information
– Invasive measuring techniques
– Electromagnetic emanations (i.e. TEMPEST)
![Page 7: Paul Kocher, Joshua Jaffe, and Benjamin Jun Cryptography](https://reader035.vdocument.in/reader035/viewer/2022062615/62b693ef0400b8408f20be69/html5/thumbnails/7.jpg)
Power analysis attacks
• ICs are built out of individual transistors which consume power
• Monitoring and analysis of the power consumption of a device to extract the private information stored in it.
• Active, relatively cheap, non-invasive attack
![Page 8: Paul Kocher, Joshua Jaffe, and Benjamin Jun Cryptography](https://reader035.vdocument.in/reader035/viewer/2022062615/62b693ef0400b8408f20be69/html5/thumbnails/8.jpg)
Simple Power Analysis
• Focus on the use of visual inspection techniques to identify relevant power fluctuations during cryptographic operations
• Interpretation of power traces
– Power consumption measurements taken across a cryptographic operation
– Typically current used by a device over time
![Page 9: Paul Kocher, Joshua Jaffe, and Benjamin Jun Cryptography](https://reader035.vdocument.in/reader035/viewer/2022062615/62b693ef0400b8408f20be69/html5/thumbnails/9.jpg)
SPA DES traces
SPA trace showing an entire DES operation
SPA trace showing DES rounds 2 and 3
![Page 10: Paul Kocher, Joshua Jaffe, and Benjamin Jun Cryptography](https://reader035.vdocument.in/reader035/viewer/2022062615/62b693ef0400b8408f20be69/html5/thumbnails/10.jpg)
SPA DES trace showing differences in power consumption of different microprocessor instructions (figure labels: jump, no jump)
![Page 11: Paul Kocher, Joshua Jaffe, and Benjamin Jun Cryptography](https://reader035.vdocument.in/reader035/viewer/2022062615/62b693ef0400b8408f20be69/html5/thumbnails/11.jpg)
SPA attack
• SPA can reveal sequence of instructions executed
• It can be used to break cryptographic implementations in which the execution path depends on the data being processed
– DES key schedule
– DES permutations
– Comparisons
– Multipliers
– Exponentiators
![Page 12: Paul Kocher, Joshua Jaffe, and Benjamin Jun Cryptography](https://reader035.vdocument.in/reader035/viewer/2022062615/62b693ef0400b8408f20be69/html5/thumbnails/12.jpg)
Preventing SPA
• In general, techniques to prevent SPA are fairly simple.
– Avoid procedures that use secret intermediates or keys for conditional branching operations
– Hardwired implementations of symmetric cryptography algorithms
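The branching rule above, shown on an exponentiator (an added example, not taken from the slides): square-and-multiply with a key-dependent branch beside a Montgomery ladder, with an operation log standing in for the instruction sequence an SPA trace exposes. The function names and the "S"/"M" log format are assumptions of this example.

```python
def modexp_branchy(base, exp, mod, ops):
    """Left-to-right square-and-multiply: multiplies only when the key bit is 1."""
    acc = 1
    for i in reversed(range(exp.bit_length())):
        acc = acc * acc % mod
        ops.append("S")
        if (exp >> i) & 1:              # branch on a secret bit
            acc = acc * base % mod
            ops.append("M")
    return acc


def modexp_ladder(base, exp, mod, nbits, ops):
    """Montgomery ladder: one multiply and one square per bit, for every key."""
    r = [1, base % mod]                 # invariant: r[1] == r[0] * base (mod mod)
    for i in reversed(range(nbits)):
        bit = (exp >> i) & 1
        r[bit ^ 1] = r[0] * r[1] % mod
        ops.append("M")
        r[bit] = r[bit] * r[bit] % mod
        ops.append("S")
    return r[0]


def exponent_from_ops(ops):
    """Read the branchy log back into key bits: 'S','M' is a 1, a lone 'S' is a 0."""
    e, i = 0, 0
    while i < len(ops):
        one = i + 1 < len(ops) and ops[i + 1] == "M"
        e = (e << 1) | int(one)
        i += 2 if one else 1
    return e


def ladder_log(exp, nbits=8, base=7, mod=1000003):
    """Operation log of the ladder for a given exponent (constructed inputs)."""
    ops = []
    modexp_ladder(base, exp, mod, nbits, ops)
    return ops
```

The ladder fixes only the operation sequence; the index `r[bit]` is still chosen by a secret bit, and Python integer arithmetic is not constant-time, so this models the SPA-visible instruction pattern and nothing finer.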
![Page 13: Paul Kocher, Joshua Jaffe, and Benjamin Jun Cryptography](https://reader035.vdocument.in/reader035/viewer/2022062615/62b693ef0400b8408f20be69/html5/thumbnails/13.jpg)
Differential Power Analysis
• Use of statistical analysis and error correction techniques to extract information correlated to secret keys
• Based on the effects correlated to data values being manipulated.
• More powerful than SPA and is much more difficult to prevent
![Page 14: Paul Kocher, Joshua Jaffe, and Benjamin Jun Cryptography](https://reader035.vdocument.in/reader035/viewer/2022062615/62b693ef0400b8408f20be69/html5/thumbnails/14.jpg)
DPA basic idea
• Data collection
– Capture power traces $T_{1 \ldots m}[1 \ldots k]$ containing k samples each
– Record the ciphertexts $C_{1 \ldots m}$
– Knowledge of plaintext is not required
• Data analysis
– DPA selection function $D(C,b,K_s) \to \{0,1\}$
– Compute k-sample differential trace $\Delta_D[1 \ldots k]$, where:
![Page 15: Paul Kocher, Joshua Jaffe, and Benjamin Jun Cryptography](https://reader035.vdocument.in/reader035/viewer/2022062615/62b693ef0400b8408f20be69/html5/thumbnails/15.jpg)
DPA against DES
• DPA selection function $D(C,b,K_s)$ is defined as:
– Returning the value of bit b of the DES intermediate L at the beginning of the 16th round ($0 \le b < 32$)
– C is the corresponding ciphertext
– $K_s$ is the 6 key bits entering the S-box corresponding to bit b ($0 \le K_s < 2^6$)
• Repeat procedure to find all $K_s$ values (8) to get the entire 48-bit subkey
Figure: 16th DES round (labels: b, Ks, C)
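The data-collection and analysis steps above, run on constructed traces (an added example, not code from the slides or the paper), taking the differential trace as the mean of the traces with D=1 minus the mean of those with D=0. Assumptions: a single DES S-box (S1) stands in for the round-16 slice, `c = (x, r)` is the part of the ciphertext that feeds it, each trace is Gaussian noise with one leaking sample, and `masked` models a device that XORs a fresh random bit onto the processed value.

```python
import random

# DES S-box S1; row = outer input bits, column = middle four bits.
S1 = [[14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7],
      [0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8],
      [4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0],
      [15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13]]

def D(c, b, ks):
    """Selection function D(C,b,Ks) for one S-box slice (assumed model).
    c = (x, r): 6 S-box input bits and 4 bits XORed onto its output,
    both taken as known from the ciphertext."""
    x, r = c
    v = x ^ ks
    out = S1[((v >> 4) & 2) | (v & 1)][(v >> 1) & 0xF]
    return ((out ^ r) >> b) & 1

def simulate(m, k, secret_ks, leak_at, masked, rng):
    """Constructed traces: Gaussian noise, plus 1.0 at sample leak_at
    whenever the bit the device handles is 1."""
    cs, traces = [], []
    for _ in range(m):
        c = (rng.randrange(64), rng.randrange(16))
        bit = D(c, 0, secret_ks)
        if masked:                      # countermeasure: fresh random mask
            bit ^= rng.randrange(2)
        t = [rng.gauss(0.0, 0.5) for _ in range(k)]
        t[leak_at] += bit
        cs.append(c)
        traces.append(t)
    return cs, traces

def differential(cs, traces, b, ks):
    """Mean of traces with D=1 minus mean of traces with D=0, per sample."""
    k = len(traces[0])
    sums, n = [[0.0] * k, [0.0] * k], [0, 0]
    for c, t in zip(cs, traces):
        d = D(c, b, ks)
        n[d] += 1
        for j in range(k):
            sums[d][j] += t[j]
    return [sums[1][j] / n[1] - sums[0][j] / n[0] for j in range(k)]

def assess(masked, m=2000, k=16, secret_ks=0b101101, leak_at=7, seed=1):
    """Return (guess with the largest peak, peak for the true Ks)."""
    cs, traces = simulate(m, k, secret_ks, leak_at, masked, random.Random(seed))
    peaks = [max(abs(v) for v in differential(cs, traces, 0, g))
             for g in range(64)]
    return peaks.index(max(peaks)), peaks[secret_ks]
```

`assess(masked=False)` ranks the true Ks first with a peak near 1.0, while `assess(masked=True)` leaves the true Ks with a peak at noise level, which is why a designer can use the same statistic to check whether a countermeasure removed first-order leakage.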
![Page 16: Paul Kocher, Joshua Jaffe, and Benjamin Jun Cryptography](https://reader035.vdocument.in/reader035/viewer/2022062615/62b693ef0400b8408f20be69/html5/thumbnails/16.jpg)
DPA traces for DES
Figure labels: power reference, correct Ks, incorrect Ks, 1000 samples
![Page 17: Paul Kocher, Joshua Jaffe, and Benjamin Jun Cryptography](https://reader035.vdocument.in/reader035/viewer/2022062615/62b693ef0400b8408f20be69/html5/thumbnails/17.jpg)
Quantitative DPA measurements
Figure panels: reference power consumption trace; standard deviation; differential trace ($m = 10^4$)
![Page 18: Paul Kocher, Joshua Jaffe, and Benjamin Jun Cryptography](https://reader035.vdocument.in/reader035/viewer/2022062615/62b693ef0400b8408f20be69/html5/thumbnails/18.jpg)
More about DPA
• Noise can be a problem
– Electronic radiation and thermal noise
– Quantization errors
– Uncorrected temporal misalignment
• DPA variations
– Automated template DPA
– High-order DPA
![Page 19: Paul Kocher, Joshua Jaffe, and Benjamin Jun Cryptography](https://reader035.vdocument.in/reader035/viewer/2022062615/62b693ef0400b8408f20be69/html5/thumbnails/19.jpg)
DPA against other algorithms
• In general, DPA can be used to break any symmetric or asymmetric algorithm
• Public key algorithms (i.e. RSA)
– Asymmetric operations tend to produce stronger signals leaking than symmetric ones
• Reverse engineering using DPA
![Page 20: Paul Kocher, Joshua Jaffe, and Benjamin Jun Cryptography](https://reader035.vdocument.in/reader035/viewer/2022062615/62b693ef0400b8408f20be69/html5/thumbnails/20.jpg)
Preventing DPA
• Reduce signal size
• Introducing noise into power consumption measurements
• Designing cryptosystems with realistic assumptions about the underlying hardware.
– Balanced HW and SW (i.e. leak tolerant design)
– Incorporating randomness
– Algorithm and protocol-level countermeasures
![Page 21: Paul Kocher, Joshua Jaffe, and Benjamin Jun Cryptography](https://reader035.vdocument.in/reader035/viewer/2022062615/62b693ef0400b8408f20be69/html5/thumbnails/21.jpg)
Take away
• Power analysis techniques are of great concern: multiple vulnerable devices, easy to implement, low cost, and difficult to detect.
• Systems must be designed with realistic assumptions taking into account all the components (algorithms, protocols, hardware, and software) and their interactions.
![Page 22: Paul Kocher, Joshua Jaffe, and Benjamin Jun Cryptography](https://reader035.vdocument.in/reader035/viewer/2022062615/62b693ef0400b8408f20be69/html5/thumbnails/22.jpg)
Questions?