Global Sources
EE Times-Asia
Stay in touch with EE Times Asia
EE Times-Asia > Embedded

Guarding against side-channel attacks (Part 2)

Posted: 12 Oct 2012 ?? ?Print Version ?Bookmark and Share

Keywords:open source? cryptographic library? AES?

The emissions were collected by placing a magnetic field pickup coil behind phone. The carrier frequency of the signal was 39.99MHz. The acquisition bandwidth was 500kHz, and the filtered bandwidth was 250kHz. A snapshot of the collected data is shown in figure 4.

In these traces, the widths and heights of the multiplication and addition operations are the same. In some of the cases, however, there is a very short gap between the operations, while in other cases there is larger gap. In the straightforward implementation shown in figure 1 of Part 1, a square can be followed by either another square, or a multiply. In contrast, a multiply is always followed by a square. In the above trace, there are never two short gaps in a row. Hence, whenever there are two large gaps in a row the corresponding bit of the secret exponent is a zero. Similarly, a short gap indicates the corresponding bit of the secret exponent is a one. By analyzing the pattern of gaps, an attacker could extract the entire secret exponent using a single trace.

Figure 4: Data collected from HTC Evo 4G phone using near field antenna placed behind phone.

EM analysis of AES app on Android phone
The final example is an advanced encryption standard (AES) application running on an HTC phone. The application invokes the Bouncy Castle AES provider. The application performs a bulk AES encryption using a 128bit key.

The emissions were collected with a baseband m-field trace capture on a sampling scope. The acquisition bandwidth was 100MHz, and the filtered bandwidth was 60MHz. A snapshot of the collected data is shown in figures 5 and 6.

Figure 5: Data collected from HTC phone using m-field trace capture on a sampling scope.

Figure 6: The individual AES operations in the bulk decryption.

EM analysis of RSA app on an android phone
Unlike the public key algorithms in the previous two examples, the secret keys are not readily visible in the power traces. However, by applying t-tests to the traces, it is seen that the device leaks, and is likely vulnerable to side-channel attacks. (The t-tests will be discussed in detail in the next section. For now, it is sufficient to understand that the t-tests are standardized tests that indicate whether a device behaves differently based the data being processed.

In the t-test control group, the AES power traces have been randomly divided into two sets. The traces in each set are averaged, and the difference is computed. The results in figure 7 show that there are no statistically significant differences in the two data sets.

Figure 7: Control group for t-tests.

In the t-test test group, one set of power traces consists of all the traces which operated on a (randomly selected) fixed 128bit block of data. The other group consists of randomly selected traces. The results in figure 8 show that there are statistically significant differences in the two sets of data.

Figure 8: Test group shows device has leaks.

This indicates that the device behaves differently based on the data being processed, and is likely vulnerable to side-channel analysis.

About the author
Gilbert Goodwill is from Cryptography Research Inc.

To download the PDF version of this article, click here.

?First Page?Previous Page 1???2

Article Comments - Guarding against side-channel attack...
*? You can enter [0] more charecters.
*Verify code:


Visit Asia Webinars to learn about the latest in technology and get practical design tips.

Back to Top