Side channels as building blocks | Journal of Cryptographic Engineering Skip to main content
Springer Nature Link
Log in

Side channels as building blocks

  • Regular Paper
  • Published:
Journal of Cryptographic Engineering Aims and scope Submit manuscript

Abstract

Since the introduction of the first side-channel analyses in academia about 15 years ago, several physical attacks have been presented that exploit side-channel leakages to break implementations of cryptographic algorithms. This article deals with the same physical property of electronic devices, but focuses on the art of tailoring it for constructive uses. More precisely, two scenarios, i.e., hardware Trojans and IP watermarking, are illustrated in which the designer of an electronic circuit can add functionality by considering side channels as part of the available design space. Both applications use the same concept, i.e., deliberately leaking a secret through a side channel while keeping the introduced side channel hidden from adversaries and attackers. This article provides a broad overview of the existing works for both applications and should serve as a comprehensible introduction to the underlying field of research. This includes many subtle details that have not been discussed in literature yet, including existing shortcomings and possible improvements to the existing works. The solutions summarized in this article provide general guidelines for theorists and practitioners to use side channels constructively to achieve designs that are robust against detection and removal. Furthermore, we present an entirely new design of a Trojan side-channel. This architecture demonstrates the potential of a Trojan side-channel that is neatly tailored to the targeted implementation. The new design removes all non-invasive starting points a third party could use to analyze or get access to the secret-channel.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
¥17,985 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price includes VAT (Japan)

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8

Similar content being viewed by others

Notes

  1. Constant leakage here means that the leakage provided by the TSC does not depend on the intermediate state of the device and does not change as long as the secret key is fixed.

  2. Since the selected intermediate state and the combination function are kept obscure, the third party needs to guess them and examine the existence of a TSC module for each guess.

  3. This is a property that is considered for the encoding mechanism \(e(K)\) and does not deal with the encryption scheme realized by the target device.

  4. Note that depending on the LC, it might be necessary to consider a mapping of the used code with respect to a suitable power model of the LC prior to correlation-based demodulation.

  5. Its HDL specification was obtained from the official website of the corresponding author.

References

  1. Cryptographic Hardware and Embedded Systems. http://www.chesworkshop.org

  2. Side-channel Attack Standard Evaluation Board (SASEBO). Further information are available via http://www.rcis.aist.go.jp/special/SASEBO/index-en.html

  3. Report of the defense science board task force on high performance microchip supply. Defense Science Board, US DoD (2005)

  4. Innovation at risk: intellectual property challenges and opportunities, white paper. Semiconductor Equipment and Materials International (2008)

  5. Adee, S.: The hunt for the kill switch. IEEE Spectr. 45(5), 34–39 (2008)

    Article  Google Scholar 

  6. Batina, L., Gierlichs, B., Prouff, E., Rivain, M., Standaert, F.-X., Veyrat-Charvillon, N.: Mutual information analysis: a comprehensive study. J. Cryptol. 24(2), 269–291 (2011)

    Article  MathSciNet  MATH  Google Scholar 

  7. Becker, G.T., Kasper, M., Moradi, A., Paar, C.: Side-channel based watermarks for integrated circuits. In: HOST 2010, pp. 30–35. IEEE Computer Society (2010)

  8. Biham, E., Shamir, A.: Differential fault analysis of secret key cryptosystems. In: CRYPTO 1997, volume 1294 of LNCS, pp. 513–525. Springer, New York (1997)

  9. Blömer, J., Guajardo, J., Krummel, V.: Provably secure masking of AES. In: SAC 2004, volume 3357 of LNCS, pp. 69–83. Springer, Berlin (2004)

  10. Canright, D., Batina, L.: A very compact “perfectly masked” S-box for AES. In: ACNS 2008, volume 5037 of LNCS, pp. 446–459. Springer, Berlin (2008) (the corrected version is available at Cryptology ePrint Archive, Report 2009/011 http://eprint.iacr.org/)

  11. Chen, Z., Guo, X., Nagesh, R., Reddy, A., Gora, M., Maiti, A.: Hardware Trojan designs on BASYS FPGA Board. In: Embedded system challenge contest in cyber security awareness week—CSAW 2008 (2008)

  12. Coron, J.-S., Kocher, P.C., Naccache, D.: Statistics and secret leakage. In: FC 2000, volume 1962 of LNCS, pp. 157–173. Springer, Berlin (2000)

  13. Eisenbarth, T., Kasper, T., Moradi, A., Paar, C., Salmasizadeh, M., Shalmani, M.T.M.: On the power of power analysis in the real world: a complete break of the KeeLoq code hopping scheme. In: CRYPTO, volume 5157 of LNCS, pp. 203–220. Springer, Berlin (2008)

  14. Gierlichs, B., Batina, L., Tuyls, P., Preneel, B.: Mutual information analysis. In: CHES 2008, volume 5154 of LNCS, pp. 426–442. Springer, New York (2008)

  15. Kahng, A.B., Lach, J., Mangione-Smith, W.H., Mantik, S., Markov, I.L., Potkonjak, M., Tucker, P., Wang, H., Wolfe, G.: Watermarking techniques for intellectual property protection. In: DAC 1998, pp. 776–781. ACM (1998)

  16. Kean, T., McLaren, D., Marsh, C.: Verifying the authenticity of chip designs with the designtag system. In: HOST 2008, pp. 59–64. IEEE Computer Society (2008)

  17. Kiamilev, F., Hoover, R.: Demonstration of hardware Trojans (2008)

  18. King, S.T., Tucek, J., Cozzie, A., Grier, C., Jiang, W., Zhou, Y.: Designing and implementing malicious hardware. In: USENIX workshop on large-scale exploits and emergent threats, LEET 2008, pp. 1–8. USENIX Association (2008)

  19. Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: CRYPTO 1996, volume 1109 of LNCS, pp. 104–113. Springer, Berlin (1996)

  20. Kocher, P.C., Jaffe, J., Jun, B.: Differential power analysis. In: CRYPTO 1999, volume 1666 of LNCS, pp. 388–397. Springer, Berlin (1999)

  21. Lieberman, J.: National security aspects of the global migration of the U.S. semiconductor industry. white paper, Airland Subcommittee, US Senate Armed Services Committee (2003). http://lieberman.senate.gov/documents/whitepapers/semiconductor.pdf

  22. Lin, L., Kasper, M., Güneysu, T., Paar, C., Burleson, W.: Trojan side-channels: lightweight hardware Trojans through side-channel engineering. In: CHES 2009, volume 5747 of LNCS, pp. 382–395. Springer, Berlin (2009)

  23. Mangard, S., Oswald, E., Popp, T.: Power analysis attacks: revealing the secrets of smart cards. Springer, Berlin (2007)

  24. Messerges, T., Dabbish, E., Sloan, R.: Power analysis attacks of modular exponentiation in smartcards. In: CHES 1999, number 1717 in LNCS, p. 144. Springer, New York (1999)

  25. Moradi, A., Barenghi, A., Kasper, T., Paar, C.: On the vulnerability of FPGA bitstream encryption against power analysis attacks—extracting keys from Xilinx Virtex-II FPGAs. In: The 18th ACM conference on computer and communications security, CCS 2011. ACM 2011 (to appear, a draft version is available in Cryptology ePrint Archive, Report 2011/390). http://eprint.iacr.org/

  26. Narayan, N., Newbould, R.D., Carothers, J.D., Rodriguez, J.J., Holman, W.T.: IP protection for VLSI designs via watermarking of routes. In: ASIC/SOC 2001, pp. 406–410. IEEE (2001)

  27. Nohl, K., Evans, D., Starbug, Plötz, H.: Reverse-engineering a cryptographic RFID Tag. In: USENIX security symposium, pp. 185–194. USENIX Association (2008)

  28. Oliveira, A.L.: Techniques for the creation of digital watermarks in sequentialcircuit designs. IEEE Trans. CAD of Integr. Circuits Syst. 20(9), 1101–1117 (2001)

    Google Scholar 

  29. Oswald, D., Paar, C.: Breaking Mifare DESFire MF3ICD40: power analysis and templates in the real world. In: CHES 2011, LNCS. Springer, Berlin (2011, to appear)

  30. Paar, C.: Efficient VLSI architectures for bit-parallel computation in Galois fields. PhD thesis, Institure for Experimental Mathematics, University of Essen, Germany (1994)

  31. Torunoglu, I., Charbon, E.: Watermarking-based copyright protection of sequential functions. IEEE J. Solid State Circuits 35(3), 434–440 (2000)

    Article  Google Scholar 

  32. Young, A., Yung, M.: The dark side of “Black-Box” cryptography, or: should we trust capstone? In: CRYPTO 1996, volume 1109 of LNCS, pp. 89–103. Springer, Berlin (1996)

  33. Ziener, D., Teich, J.: Power signature watermarking of IP cores for FPGAs. Signal Process. Syst. 51(1), 123–136 (2008)

    Article  Google Scholar 

Download references

Acknowledgments

The work described in this paper has been supported in part by the European Commission through the ICT program under contract ICT-2007-216676 ECRYPT II and by the NSF Grant 0916854.

Author information

Authors and Affiliations

  1. Horst Görtz Institute for IT-Security, Ruhr University Bochum, Bochum, Germany

    Markus Kasper, Amir Moradi, Oliver Mischke, Tim Güneysu & Christof Paar

  2. Department of Electrical and Computer Engineering, University of Massachusetts, Amherst, USA

    Georg T. Becker, Christof Paar & Wayne Burleson

Authors
  1. Markus Kasper
    View author publications

    You can also search for this author inPubMed Google Scholar

  2. Amir Moradi
    View author publications

    You can also search for this author inPubMed Google Scholar

  3. Georg T. Becker
    View author publications

    You can also search for this author inPubMed Google Scholar

  4. Oliver Mischke
    View author publications

    You can also search for this author inPubMed Google Scholar

  5. Tim Güneysu
    View author publications

    You can also search for this author inPubMed Google Scholar

  6. Christof Paar
    View author publications

    You can also search for this author inPubMed Google Scholar

  7. Wayne Burleson
    View author publications

    You can also search for this author inPubMed Google Scholar

Corresponding author

Correspondence to Amir Moradi.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Kasper, M., Moradi, A., Becker, G.T. et al. Side channels as building blocks. J Cryptogr Eng 2, 143–159 (2012). https://doi.org/10.1007/s13389-012-0040-4

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s13389-012-0040-4

Keywords