Electromagnetic Activity vs. Logical Activity: Near Field Scans for Reverse Engineering

International audienceElectromagnetic Near Field Scanning has formerly been proposed to guide side channel and fault injection attacks. However very few studies support its use for reverse-engineering. This absence could be explained by difficulties linked to the diffusion of currents in the power supply network, which are the root of EM radiations. This diffusion has for consequence that a local electrical activity in an IC can be observed quite far from its origin point, thus limiting the interest of EM near field scans for reverse engineering. This paper proposes a solution to this problem by describing a method to extract the source areas of an IC where electrical activity is occurring from EM near field scans. Experimental results are given for an ARM based microcontroller designed in a 90 nm process

back propagation neural network based leakage characterization for practical security analysis of cryptographic implementations

Side-channel attacks have posed serious threats to the physical security of cryptographic implementations. However, the effectiveness of these attacks strongly depends on the accuracy of underlying side-channel leakage characterization. Known leakage characterization models do not always apply into the real scenarios as they are working on some unrealistic assumptions about the leaking devices. In light of this, we propose a back propagation neural network based power leakage characterization attack for cryptographic devices. This attack makes full use of the intrinsic advantage of neural network in profiling non-linear mapping relationship as one basic machine learning tool, transforms the task of leakage profiling into a neural-network-supervised study process. In addition, two new attacks using this model have also been proposed, namely BP-CPA and BP-MIA. In order to justify the validity and accuracy of proposed attacks, we perform a series of experiments and carry out a detailed comparative study of them in multiple scenarios, with twelve typical attacks using mainstream power leakage characterization attacks, the results of which are measured by quantitative metrics such as SR, GE and DL. It has been turned out that BP neural network based power leakage characterization attack can largely improve the effectiveness of the attacks, regardless of the impact of noise and the limited number of power traces. Taking CPA only as one example, BP-CPA is 16.5% better than existing non-linear leakage characterized based attacks with respect to DL, and is 154% better than original CPA. © 2012 Springer-Verlag.National Security Research Institute (NSRI); Electronics and Telecommunications Research Institute (ETRI); Korea Internet and Security Agency (KISA); Ministry of Public Administration and Security (MOPAS)Side-channel attacks have posed serious threats to the physical security of cryptographic implementations. However, the effectiveness of these attacks strongly depends on the accuracy of underlying side-channel leakage characterization. Known leakage characterization models do not always apply into the real scenarios as they are working on some unrealistic assumptions about the leaking devices. In light of this, we propose a back propagation neural network based power leakage characterization attack for cryptographic devices. This attack makes full use of the intrinsic advantage of neural network in profiling non-linear mapping relationship as one basic machine learning tool, transforms the task of leakage profiling into a neural-network-supervised study process. In addition, two new attacks using this model have also been proposed, namely BP-CPA and BP-MIA. In order to justify the validity and accuracy of proposed attacks, we perform a series of experiments and carry out a detailed comparative study of them in multiple scenarios, with twelve typical attacks using mainstream power leakage characterization attacks, the results of which are measured by quantitative metrics such as SR, GE and DL. It has been turned out that BP neural network based power leakage characterization attack can largely improve the effectiveness of the attacks, regardless of the impact of noise and the limited number of power traces. Taking CPA only as one example, BP-CPA is 16.5% better than existing non-linear leakage characterized based attacks with respect to DL, and is 154% better than original CPA. © 2012 Springer-Verlag

SCA-Resistance for AES: How Cheap Can We Go?

Contains fulltext : 191728.pdf (Publisher’s version ) (Open Access

Systematic Construction and Comprehensive Evaluation of Kolmogorov-Smirnov Test Based Side-Channel Distinguishers

Generic side-channel distinguishers aim at revealing the correct key embedded in cryptographic modules even when few assumptions can be made about their physical leakages. In this context, Kolmogorov-Smirnov Analysis (KSA) and Partial Kolmogorov-Smirnov analysis (PKS) were proposed respectively. Although both KSA and PKS are based on the Kolmogorov-Smirnov (KS) test, they really differ a lot from each other in terms of construction strategies. Inspired by this, we construct nine new variants by combining their strategies in a systematic way. Furthermore, we explore the effectiveness and efficiency of all these twelve KS test based distinguishers under various simulated scenarios in a univariate setting within a unified comparison framework, and also investigate how these distinguishers behave in practical scenarios. For these purposes, we perform a series of attacks against both simulated traces and real traces. Evaluation metrics such as Success Rate (SR) and Guessing Entropy (GE) are used to measure the efficiency of key recovery attacks in our evaluation. Our experimental results not only show how to choose the most suitable KS test based distinguisher in a particular scenario, but also clarify the practical meaning of all these KS test based distinguishers in practice

Behind the Scene of Side Channel Attacks

Since the introduction of side channel attacks in the nineties, a large amount of work has been devoted to their effectiveness and efficiency improvements. On the one side, general results and conclusions are drawn in theoretical frameworks, but the latter ones are often set in a too ideal context to capture the full complexity of an attack performed in real conditions. On the other side, practical improvements are proposed for specific contexts but the big picture is often put aside, which makes them difficult to adapt to different contexts. This paper tries to bridge the gap between both worlds. We specifically investigate which kind of issues is faced by a security evaluator when performing a state of the art attack. This analysis leads us to focus on the very common situation where the exact time of the sensitive processing is drown in a large number of leakage points. In this context we propose new ideas to improve the effectiveness and/or efficiency of the three considered attacks. In the particular case of stochastic attacks, we show that the existing literature, essentially developed under the assumption that the exact sensitive time is known, cannot be directly applied when the latter assumption is relaxed. To deal with this issue, we propose an improvement which makes stochastic attack a real alternative to the classical correlation power analysis. Our study is illustrated by various attack experiments performed on several copies of three micro-controllers with different CMOS technologies (respectively 350, 130 and 90 nanometers)