Authors: Filipe Rosado da-Fonseca
Abstract:

When implementing cryptosystems on general-purpose cryptographic hardware, one makes use of the Application Programming Interfaces (APIs) exposed by the hardware to code the required cryptosystems. The functions made available by these APIs fall into two groups: non-cryptographic functions and cryptographic primitives. When using these functions, one assumes that the functions of the first group are protected against simple side-channel attacks and that the functions of the second group are protected against both simple and differential side-channel attacks. Nonetheless, the cryptosystems built from these functions may still leak information through side channels. To close this security gap, a new model is introduced here. It specifies in detail how the functions made available by the hardware's APIs must be protected against side-channel attacks and how this hardware must manage memory. In addition, it introduces an adversary that can mount side-channel attacks against the cryptosystems under test, and shows how to represent these attacks in pseudo-code. The paper concludes with the introduction of some security notions and the presentation of the results of testing some well-known cryptosystems against those security notions.
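The following Python example is added here and is not part of the paper or of its model; it illustrates the gap the abstract describes with one constructed case: a symmetric-authentication verifier built from a primitive assumed to be side-channel protected (HMAC-SHA-256 from the standard library stands in for the hardware's PRF) and a non-cryptographic byte comparison. The key, the message, the step-counting trace (a stand-in for a timing or power measurement) and all function names are assumptions made for this demonstration, not anything taken from the paper.

```python
"""Constructed example (not from the paper): a symmetric-authentication
verifier assembled from two API calls, a side-channel-protected PRF
(stand-in: HMAC-SHA-256) and a byte comparison.  The comparison is a
non-cryptographic function; if it exits on the first mismatch, the composed
verifier leaks the tag byte by byte through a timing channel even though the
primitive itself is assumed leak-free.  A constant-time comparison closes
the leak.  Key, message and trace model are all constructed."""
import hashlib
import hmac

KEY = b"constructed-demo-key-not-a-real-secret"   # constructed, not secret
MSG = b"transfer 100 to account 42"                # constructed message
TAG_LEN = hashlib.sha256().digest_size              # 32 bytes


class Trace:
    """Simulated side channel: every byte comparison the device performs is
    one observable step (a stand-in for a timing or power measurement)."""
    def __init__(self):
        self.steps = 0


def prf_tag(key: bytes, msg: bytes) -> bytes:
    """Cryptographic primitive, assumed protected against simple and
    differential side-channel attacks (the abstract's second group)."""
    return hmac.new(key, msg, hashlib.sha256).digest()


def leaky_compare(expected: bytes, candidate: bytes, trace: Trace) -> bool:
    """Non-cryptographic function with a data-dependent early exit: the step
    count equals one plus the length of the matching prefix."""
    for x, y in zip(expected, candidate):
        trace.steps += 1
        if x != y:
            return False
    return len(expected) == len(candidate)


def ct_compare(expected: bytes, candidate: bytes, trace: Trace) -> bool:
    """Same contract, but the step count depends only on the tag length."""
    if len(expected) != len(candidate):
        return False
    diff = 0
    for x, y in zip(expected, candidate):
        trace.steps += 1
        diff |= x ^ y
    return diff == 0


def make_verifier(key: bytes, msg: bytes, compare):
    """The cryptosystem under test: recomputes the tag with the protected PRF,
    then checks the submitted tag with the chosen comparison function."""
    def verify(candidate: bytes, trace: Trace) -> bool:
        return compare(prf_tag(key, msg), candidate, trace)
    return verify


def recover_tag(verify) -> bytes:
    """Adversary: knows the message and the tag length but not the key, may
    submit candidate tags and observe the trace.  For each byte position it
    keeps the value that makes the verifier run longest; the accept/reject
    result breaks the tie at the last byte."""
    recovered = bytearray(TAG_LEN)
    for i in range(TAG_LEN):
        best = None
        for v in range(256):
            recovered[i] = v
            trace = Trace()
            accepted = verify(bytes(recovered), trace)
            score = (trace.steps, accepted)
            if best is None or score > best[0]:
                best = (score, v)
        recovered[i] = best[1]
    return bytes(recovered)


def run_demo() -> dict:
    """Returns, per comparison function, whether the adversary recovers the
    full tag without knowing the key."""
    true_tag = prf_tag(KEY, MSG)
    results = {}
    for name, compare in (("leaky", leaky_compare), ("constant_time", ct_compare)):
        guess = recover_tag(make_verifier(KEY, MSG, compare))
        results[name] = guess == true_tag
    return results


if __name__ == "__main__":
    print(run_demo())   # {'leaky': True, 'constant_time': False}
```

Against the early-exit comparison the adversary obtains the full 32-byte tag in at most 32 x 256 queries, forging a valid authenticator for the message without ever attacking the PRF; against the constant-time comparison every candidate produces the same trace and nothing beyond accept/reject is learned. The leak lives in the composition of the two API calls, not in the primitive, which is the gap the abstract points at.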
Keywords: side channels, power analysis, timing analysis, electromagnetic analysis, optical analysis, smart cards, symmetric authentication, symmetric encryption, digital signature, asymmetric encryption, signcryption, pseudorandom permutations, pseudorandom functions, birthday attack.
Formats: .pdf (this is the short version of the paper).
Notes:
1 - The attacks described in this paper were introduced at the Rump Session of CHES 2004 (see http://frdafonseca.com/papers/1);
2 - This paper is available on the Cryptology ePrint Archive (see http://eprint.iacr.org/2004/369/);
3 - The full version of this paper is still under construction (its index can be found here: index_of_full_version.pdf).