Conference Paper

RAM: Rapid Alignment Method

DOI: 10.1007/978-3-642-27257-8_17 Conference: Smart Card Research and Advanced Applications - 10th IFIP WG 8.8/11.2 International Conference, CARDIS 2011, Leuven, Belgium, September 14-16, 2011, Revised Selected Papers
Source: DBLP

ABSTRACT

Several countermeasures against side-channel analysis result in misalignment of power traces, in order to make DPA more difficult. In this paper we propose a new algorithm to align the measurements after this desynchronizing through the variations of the internal clock, random delays, etc. The algorithm is based on the ideas of SIFT and U-SURF algorithm that were originally proposed for image recognition. The comparison with other known methods favors our solution in terms of efficiency and computational complexity.

Download full-text

Full-text

Available from: Lejla Batina, Feb 12, 2014
  • [Show abstract] [Hide abstract]
    ABSTRACT: Generating random delays in embedded software is a common countermeasure to complicate side channel attacks. The idea is to insert dummy operations with varying lengths at different moments in time. This creates a non-predictable offset of the attacking point in the time dimension. Since the success of, e.g., a correlation power analysis (CPA) attack is largely affected by the alignment of the power traces, the adversary is forced to apply additional large computations or to record a huge amount of power traces to achieve acceptable results. In this paper, we present a new efficient method to identify random delays in power measurements. Our approach does not depend on how the random delays are generated. Plain uniform delays can be removed as well as Benoit-Tunstall [11] or improved floating mean delays [4]. The procedure can be divided into three steps. The first step is to convert the power trace into a string depending on the Hamming weights of the opcodes. After this, the patterns of the dummy operations are identified. The last step is to use a string matching algorithm to find these patterns and to align the power traces. We have started our analysis with two microcontrollers, an Atmel AVR ATmega8 and a Microchip PIC16F54. For our practical evaluation, we have focused on the ATmega8. However, the results can be applied to many other microcontrollers with a similar architecture.
    No preview · Conference Paper · Nov 2011
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: Differential Power Analysis (DPA) is commonly used to obtain information about the secret key used in cryptographic devices. Countermeasures against DPA can cause power traces to be misaligned, which reduces the effectiveness of DPA. Principal Component Analysis (PCA) is a powerful tool, which is used in different research areas to identify trends in a data set. Principal Components are introduced to describe the relationships within the data. The largest principal components capture the data with the largest variance. These Principal Components can be used to reduce the noise in a data set or to transform the data set in terms of these components. We propose the use of Principal Component Analysis to improve the correlation for the correct key guess for DPA attacks on software DES traces and show that it can also be applied for other algorithms. We also introduce a new way of determining key candidates by calculating the absolute average value of the correlation traces after a DPA attack on a PCA-transformed trace. We conclude that Principal Component Analysis can successfully be used as a preprocessing technique to reduce the noise in a trace set and improve the correlation for the correct key guess using Differential Power Analysis attacks.
    Full-text · Conference Paper · Feb 2012
  • [Show abstract] [Hide abstract]
    ABSTRACT: Source code plagiarism has become a serious problem for the industry. Although there exist many software solutions for comparing source codes, they are often not practical in the embedded environment. Today's microcontrollers have frequently implemented a memory read protection that prevents a verifier from reading out the necessary source code. In this paper, we present three verification methods to detect software plagiarism in embedded software without knowing the implemented source code. All three approaches make use of side-channel information that is obtained during the execution of the suspicious code. The first method is passive, i.e., no previous modification of the original code is required. It determines the Hamming weights of the executed instructions of the suspicious device and uses string matching algorithms for comparisons with a reference implementation. In contrast, the second method inserts additional code fragments as a watermark that can be identified in the power consumption of the executed source code. As a third method, we present how this watermark can be extended by using a signature that serves as a proof-of-ownership. We show that particularly the last two approaches are very robust against code-transformation attacks.
    No preview · Article · Aug 2012 · IEEE Transactions on Information Forensics and Security
Show more