Power Attacks - PowerPoint PPT Presentation

1 / 23
About This Presentation
Title:

Power Attacks

Description:

Power Attacks – PowerPoint PPT presentation

Number of Views:43
Avg rating:3.0/5.0
Slides: 24
Provided by: christoph342
Category:
Tags: attacks | power | qat

less

Transcript and Presenter's Notes

Title: Power Attacks


1
Power Attacks
  • Adopted from a talk by David Naccache

2
A GAME
  • You put 28 in one of the pots and 10 in the
    other

28 10
10 28
  • I ask you to multiply the contents of the blue
    pot by 10 and the contents of the red pot by 7,
    add the two results and tell me if the sum is odd
    or even.
  • Is your answer enough to reveal whats in each
    pot?

3
IS THIS A MEANINGFUL GAME?
  • Well, normally not 28 7 10 10 296 is
    an even number and10 7 28 10 350 is
    also even
  • However, just by monitoring the time it takes to
    give the answer (the mental calculation leading
    to 296 is more complicated than the one leading
    to 350) one can tell where each amount is!

4
CONCLUSION
  • The external monitoring of the processing time of
    a card may leak secrets to the external world
    (e.g. credit keys, PINs etc).
  • Timing attacks were exposed in the early 1990s.
  • Lesson learned Current card software runs in
    constant time

5
IMPORTING THE BEEF?
  • Seattle, 1999.
  • US and French delegates negotiate under which
    conditions beef could be imported to France.
  • The Sun sends a journalist to investigate

6
IMPORTING THE BEEF?
  • But there is a technical problem negotiations
    take place in a hotel which windows are opaque

7
POWER ATTACKS
  • Idea look at the hotels electricitymeter!

8
POWER ATTACKS
  • disk is spinning slowly

DEAL CONCLUDED

9
POWER ATTACKS
  • But if the disk is spinning quickly

10
POWER AS FUNCTION OF HAMMING WEIGHT
11
CONCRETE ATTACK ON CONCRETE KEYS
  • Comparing
  • decryption with key 0000 1111 ...
  • decryption with key 1111 1111 ...

token designed and manufactured in 1998...
12
CONCLUSION
The card's current consumption may reveal secret
information.
13
COUNTER-COUNTER MEASURE
  • Against adding noise to the power consumption
    signal.
  • Capture electromagnetic radiation at various chip
    locations!
  • Equipment

14
EM AT VARIOUS LOCATIONS
RAM
power
CPU
EEPROM
ROM
difference between 00 xor 00 and 00 xor FF
15
AUTOMATE THE PROCESS...
16
LESSON LEARNED SHIELD IT!
  • Shield
  • Scrambled glue logic
  • No Buses visible
  • Blocks easily identified
  • No shield
  • No glue logic
  • Buses clearly visible

17
ARE WE DONE?
  • Broken toys are not charged to our clients

Jack
car 3
Dino
plane 5
Dino buys toys from Jack
18
The postman wants to know what Dino bought for 15
what did he buy for 15?
Dino
19
In the meanwhile Jack prepares the DHL
20
and gives it to the postman
21
Who kicks it strong enough to break one toy
22
and gives it to Dino
23
a week later he monitors Dinos postal order...
4 3 12
2 5 10
  • Lesson learned Fault attacks can also extract
    secrets from tokens!
  • Hardware faults can have various sources
  • voltage glitches, light beams, laser beams...
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Power Attacks" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!