First-Round and Last-Round Power Analysis Attack Against AES Devices

Putra, Septafiansyah Dwi; Sumari, Arwin Datumaya Wahyudi; Asrowardi, Imam; Subyantoro, Eko; Zagi, Luqman Muhammad

doi:10.1109/icitsi50517.2020.9264976

Cited by 2 publications

(1 citation statement)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Our target was the first key byte. We chose to conduct the CPA on the first-round key [Put+20], because the initial key is used during the first SubBytes (round0). Moreover, we looked for a non-linear function to have the maximum voltage variations.…”

Section: Validation and Analysismentioning

confidence: 99%

Combined Internal Attacks on SoC-FPGAs: Breaking AES with Remote Power Analysis and Frequency-based Covert Channels

Fellah-Touta

Bossuet

Lara-Nino

2023

2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)

View full text Add to dashboard Cite

In recent years, the field of side-channel analysis has observed a revolution in the design of the attack methodology. Conventional approaches which require the use of highly specialized equipment like oscilloscopes and spectrum analyzers, despite highly precise, might be regarded as impractical in some scenarios. On the other hand, the use of less-accurate internal sensors which can monitor the power footprint of a circuit has risen in popularity. Delay sensors have shown promising results. These structures are interesting since they can be implemented from regular hardware resources available in most circuits. This means that components already available in the target platform might be leveraged to implement a sidechannel attack. Moreover, it has been shown that is not necessary to have direct access to the platform to carry out such an attack; which implies that if there is a remote link such as Ethernet, an adversary might be able to perform Remote Power Analysis (RPA) of the system. So far, the main challenge for the success of this kind of attack is the problem of cutting and aligning the power traces. This is usually achieved through secondary digital channels which carry some trigger information. In this paper, we simplify the conditions for an RPA attack to take place. Namely, our method mitigates the need for connecting digital triggers to the remote sensor. We demonstrate this approach by performing a successful key recovery on a hardware implementation of AES.

show abstract

Section: Validation and Analysismentioning

confidence: 99%