CSE 127: Lecture 24

This lecture is a continuation of the previous lecture (lecture 23), where we talked about Differential Timing Analysis. The topic covered in this lecture is Differential Power Analysis.

Differential Power Analysis

Differential power cryptanalysis was invented in 1998 by a group of researchers from Cryptography Research, Inc. As of today, these attacks are successful against the majority of cryptographic tokens available on the market, including all types of smart cards, PCMCIA cards and cryptographic buttons, and no effective countermeasure has been developed yet. The only effective defense is physical protection, as the attack requires access to a cryptographic token on which secret parameters, such as a cryptographic key, are stored. No tamper-resistant covers seem to prevent the analysis. The attack is based on sampling the power consumption of the device over a series of cryptographic transformations involving hundreds to thousands of random ciphertexts, and then performing a statistical analysis that leads to full recovery of the key. Reconstructing the full secret or private key takes no more than several minutes, and requires only standard, readily available measurement equipment worth a few hundred to a few thousand dollars.

The threat model is quite similar to that of Differential Timing Analysis, but here we assume we have some level of physical access. In the United States, it is possible to verify a credit card online (a cheap long-distance call), but in Europe they verify that the card is not a fake by making use of a smart chip inside the card. The cryptographic keys inside the card are installed by the credit card company. To do the attack, we need physical access to the card and a smart card reader. Timing analysis doesn't work well here, as it provides only a very low-bandwidth connection. Instead, we measure the amount of power consumed by the smart card versus time. A rough outline of the experimental setup:

Vc ----------(Resistance)------------Smart Chip---------(ground)

A graph of current versus time will show a spike whenever a modular multiply occurs. A modular multiply is a big drain of power. When e is odd we should see 2 spikes (2 modular multiplications are performed: y = y * z mod n and z = z * z mod n). When e is even, we should see 1 spike (z = z * z mod n). This attack is easy to do, since the amount of hardware needed is minuscule. If capacitance is introduced, it will be hard to see the 2 bumps, but we can still measure the aggregate power and perform the attack.
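
The spike pattern described above can be reproduced in a small simulation. This is an added example, not code from the lecture: it runs the square-and-multiply loop with the lecture's y, z, e, n, records how many modular multiplies each iteration performs, and shows that the exponent can be read back from that record. The function names, the sample values and the capacitance model (one merged energy value per iteration plus bounded noise) are assumptions made for illustration.

```python
import random

def modexp_with_trace(x, e, n):
    """Compute x**e mod n; also return spikes (modular multiplies) per iteration."""
    y, z = 1, x % n
    trace = []
    while e > 0:
        spikes = 0
        if e & 1:                 # e odd: y = y * z mod n (extra spike)
            y = (y * z) % n
            spikes += 1
        z = (z * z) % n           # every iteration: z = z * z mod n
        spikes += 1
        trace.append(spikes)
        e >>= 1
    return y, trace

def exponent_from_spikes(trace):
    """2 spikes means the bit was 1, 1 spike means 0 (least significant first)."""
    return sum(1 << i for i, s in enumerate(trace) if s == 2)

def smoothed_energy(trace, seed=0, jitter=0.3):
    """Assumed capacitance model: bumps merge into one energy value per
    iteration, with bounded measurement noise added."""
    rng = random.Random(seed)
    return [s + rng.uniform(-jitter, jitter) for s in trace]

def exponent_from_energy(energy, threshold=1.5):
    """Aggregate power still separates one multiply from two."""
    return sum(1 << i for i, v in enumerate(energy) if v > threshold)

if __name__ == "__main__":
    e = 0b101101                  # constructed sample exponent (45)
    y, trace = modexp_with_trace(7, e, 1000003)
    print(trace, exponent_from_spikes(trace),
          exponent_from_energy(smoothed_energy(trace)))
```

The number of multiplies per iteration depends only on the exponent bit, not on the data, which is why the trace alone gives the key away.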