Side-channel attacks conducted against electronic systems are relatively simple and inexpensive to execute. An attacker does not need to know specific implementation details of the cryptographic device to perform these attacks and extract keys. As all physical electronic systems routinely leak information, effective side-channel countermeasures such as Rambus’ DPA Resistant Hardware Cores (DPARC) or DPA Software Library (DPASL) should be implemented at the design stage to ensure protection of sensitive keys and data. After the implementation of hardware or software countermeasures, systems should be carefully evaluated with a Test Vector Leakage Assessment (TVLA) platform such as the Rambus DPA Workstation (DPAWS) to confirm the cessation of sensitive side-channel leakage.
Side-channel attacks conducted against electronic gear are relatively simple and inexpensive to execute. Such attacks include simple power analysis (SPA) and Differential Power Analysis (DPA). An attacker does not need to know specific implementation details of the cryptographic device to perform these attacks and extract keys. As all physical electronic systems routinely leak information, effective side-channel countermeasures should be implemented at the design stage to ensure protection of sensitive keys and data.
This document describes requirements and test procedures for qualifying DPA-resistant implementations of cryptographic algorithms with specific instructions and test vectors for AES. Expected lab and analyst proficiency, device setup, data acquisition, signal processing, analysis and evaluation procedures are described herein.
Is your mobile device’s EM emissions leaking your keys? A mobile app can inadvertently radiate secret data as cryptographic processing is done by the CPU. We’ll use a simple antenna and radio to perform live key extraction from several modern handheld devices. Developers can use several techniques to mitigate risk whenever applications use high-valued cryptographic keys.
As the functionality of mobile devices has increased, so have the threats. These devices make attractive targets, given the sensitivity of user and corporate data they process and store, their emerging use for viewing protected content and conducting sensitive banking and payment transactions. Until recently, hardware and software based defenses for mobile platforms lagged behind those found in more mature systems.
The goal of a side‐channel resistance validation program is to assess whether a cryptographic module utilizing side‐channel analysis countermeasures can provide resistance to these attacks commensurate with the desired security level. While, no standardized testing program can guarantee resistance against all attacks, an effective program should be able to validate that sufficient care was taken in the design and implementation of countermeasures.