Secure hardware-physical attacks and countermeasures

Yossef Oren

University of Tel-Aviv, 2013

Cryptographic theory is a mature and advanced field which offers theoretical solutions to many practical problems such as encrypting secure data, signing messages to ensure their authenticity and even allowing reliable and anonymous voting. Theory in itself, however, is not enough–any cryptographic functionality must be implemented in the real world before it can be put to practical use. This implementation typically takes the form of either a software implementation for a general-purpose device such as a personal computer, or as a dedicated secure hardware device, whose main purpose is to embody the cryptographic functionality. Examples of such secure hardware devices include smart cards, car alarm key fobs and computerized ballots. One special class of secure hardware device which has recently gained interest are secure RFID tags–a family of low-cost and low-power ubiquitous computers used for security applications such as access control, anti-counterfeiting and even voting.To evaluate the security of a cryptographic system, researchers look for flaws which allow an attacker to break the security assumptions of the system (for example, allowing an unauthorized party to view or modify a message intended for someone else). Cryptanalytic attacks focus on the theoretical and algorithmic aspects of the system, while physical attacks (also called implementation attacks) compromise the system by taking advantage of the physical aspects of the algorithm’s implementation. Some physical attacks (such as, for example, power analysis) recover the secret key used by the secure device by analyzing physical effects produced during its use …