4.2.1 Cryptography
The term cryptography refers to the study of secret messages [43]. In modern communication over the Internet, cryptography is of primary importance for secure communication, keeping privacy, ensuring message authenticity and access control. Information transmitted over the Internet
passes nodes neither controlled by the sender nor the receiver and may easily be eavesdropped.
The purpose of an encryption algorithm is to protect the secrecy of messages sent over an insecure channel [44].
Lots of processing are required for encryption and decryption of data.
With large data flows, dedicated cryptographic hardware is used to keep up with the speed. Dedicated cryptographic hardware is also considered to be more secure than software implementation because secret cryptographic keys can be kept in a controlled environment, specially designed for secure keeping. Nevertheless, cryptographic ICs are also vulnerable against break-in-attempts. Attempts on breaking in through the physical implementation of a cryptographic IC are called side-channel attacks.
A cipher is a cryptographic algorithm for transposing a known input text to be hidden from eavesdropping, plaintext, into a ciphertext. A ciphertext contains the same information as the plaintext, but in a format not readable unless you know the cipher being used and a secret key. The key is used as an input to the cipher and controls the operation of the cipher. Without a correct key it is impossible to transform the ciphertext back into the original plaintext.
Encryption, or enciphering, is the transformation of a plaintext P into a ciphertext C. The operation is performed by a cipher as C= EK(P), where Eis the encryption algorithm of the cipher and K is the provided key.
Decryption, or deciphering, of a ciphertext C is the transformation back to readable text by the receiver, by performing P = DK(C) = DK(EK(P)), where D is the decryption algorithm.
Ciphers can be divided into two main categories, transposition and substitution ciphers. Substitution ciphers replace letters or large blocks with substitutes. Transposition ciphers rearrange the letters in the plaintext.
Product ciphersare created by composing substitution and transposition ciphers. The cryptographic ciphers defined by the US National Institute of Standard and Technology (NIST) as the Data Encryption Standard (DES) [43] in 1976, as well as its proceeder, the Rijndael cipher [43], selected as the Advanced Encryption Standard (AES) by NIST in 2002, are well known examples of product ciphers used as a base in major communication systems today.
4.2.2 Side-Channel Attacks
Modern ciphers are designed to be immune against known cryptoanalysis methods, and therefore attacks on them are hard to perform. But when cryptography is used in computer systems these ciphers are prone to attack on the physical implementation.
A cipher implemented in an electronic circuit produces timing inform-ation, power consumptions variations due to switching activity and
radi-ates electromagnetic energy, which can easily be measured at low costs [5].
Such side channel informations can provide a source of information which can be used to break the cryptographic circuit in order to recover the secret encryption key the device is using.
Side-channel attacks can be categorized by the side-channel informa-tion they are exploiting. The first theoretical presentainforma-tion of a side-channel attack was reported by Kocher in 1996 [24], analyzing the difference in time used by different inputs.
Kocher presented the concept of power analysis attack in 1999 [5].
This type of attack was performed on an actual implementation of a cryptographic circuit by Örs in 2004 [45]. Power analysis attack uses the variation in power consumption correlated to the operations done in calculating the secret key being used.
A side-channel attack may require considerable technical knowledge of the internal operation of the system on which the cryptographic algorithm is implemented.
Timing Attack
Implementations of cryptographic systems where the execution time of certain operations differs depending on the input values are vulnerable against timing attacks. Differences in the execution time are often delib-erately implemented in the algorithm by the designer for performance op-timization. Kocher showed in [24] that it is possible to find the entire secret key of a vulnerable cryptographic system only by timing measurements.
By careful algorithmic and electronic design, timing attacks can be completely avoided by making the system run in fixed time.
Simple Power Analysis Attack
In a simple power analysis (SPA) attack, the power consumption of a cryp-tographic IC is measured directly during crypcryp-tographic operations. Using a set of power consumption measurements taken across a cryptographic operation an attacker can directly determine information about a device’s operation and the secret key [5].
SPA can be used to break cryptographic implementations in which the execution path depends on the data being processed, exploiting the relationship between the executed operations and the power leakage [45].
Differential Power Analysis Attack
While SPA attacks are used to reveal power variations in the execution path due to the instruction sequence, differential power analysis (DPA) attacks can
reveal effects correlated to data values being manipulated [5]. This type of attack is also referred to as correlation power analysis [46].
A differential power analysis attack is hard to protect against, as it uses statistical and error-correcting methods to extract secret information from a power consumption signal [47].
In a DPA attack, the attacker uses a prediction model of the device being attacked. This model is used for predicting the amount of side-channel output for a certain moment of time in the execution of the cipher. These predictions are correlated to the real side-channel output of the circuit by applying statistical methods. Some common statistical methods used in DPA are the distance-of-mean test and the correlation analysis [45].
Electromagnetic Radiation Attack
Electromagnetic radiation is leaked from all electronic devices. A magnetic field is produced when motion occurs in the electronic current flowing in the circuits. An electromagnetic analysis (EMA) attack measures the electromagnetic radiation, and the attack can be performed during the same methods as for power attacks [48].
Fault Analysis Attack
Fault analysis attacks are not directly side-channel attacks. They can be placed under the category of implementation attacks, as they exploit the physical working environment required by the system.
Fault analysis attacks can be divided into two categories. A differential fault analysis attack exploits a circuit by changing the operating voltage, tampering with the clock, or applying radiation of various types to the circuit. By measuring the output differences from the output of the circuit at normal operation, a circuit vulnerable to differential fault analysis attacks may reveal secret key information.
A non-differential fault analysis attack is based on causing permanent damage to a circuit for the purpose of extracting symmetric keys.