Power analysis

From Wikipedia, the free encyclopedia


In cryptography, power analysis is a form of side channel attack in which the attacker studies the power consumption of a cryptographic hardware device (such as a smart card, tamperproof "black box", microchip, etc.). It can yield information about what the device is doing, including keys and other secrets. It was introduced in the open cryptologic community in 1998 by Paul Kocher, Joshua Jaffe and Benjamin Jun,[1] though declassified documents suggest it may have been previously known to the intelligence community.[2]

Differential power analysis is an extension of power analysis that can allow an attacker to compute the intermediate values of data blocks and key blocks by statistically analyzing data collected from multiple cryptographic operations.

Examining graphs of time against current used by a device can often show exactly what the device is doing at a given point. For example, on a graph of a smart card performing a DES encryption, the sixteen rounds can be seen clearly.

The currents passing through a device are usually small, but standard digital oscilloscopes are precise and accurate enough to measure data-induced variations. It is reasonable for a cryptosystem designer to assume that an adversary will have access to such equipment.

Power analysis does not seek to find weaknesses in algorithms or protocols so much as in their implementations. It provides a way to "see inside" otherwise 'tamperproof' hardware. For example, DES's key schedule involves rotating 28-bit key registers. In order to save time, most implementations simply check the least significant bit to see if it is a 1. If so, they divide the register by two and prepend the 1 at the left end. Power analysis can show the difference between a register with a 1 and a register with a 0 at the end when this happens. This can leak information about key material. DES's permutations, usually clumsily implemented in software, reveal even more information through conditional branches.

Differential power analysis (DPA) is a side-channel attack which involves statistically analyzing power consumption measurements from a cryptosystem. The attack exploits biases in the varying power consumption of microprocessors or other hardware while performing operations using secret keys. DPA attacks have signal processing and error correction properties which can extract secrets from measurements which contain too much noise to be analyzed using simple power analysis. Using DPA, an adversary can obtain secret keys by analyzing power consumption measurements from multiple cryptographic operations performed by a vulnerable smart card or other device.

Simple power analysis can most easily distinguish conditional branches in the execution of the cryptographic program, since a device does different things (requiring different power) depending on which conditional branch is executed. For this reason, care should be taken to ensure there are no differences (from a power perspective) in the conditional branches within cryptographic software implementations. All rotations, permutations and logical operations (such as XOR) should take the same time and draw equivalent power, no matter what the input.
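The 28-bit register rotation described earlier, written once with the key-dependent branch and once without it, as an added example that is not part of the original article. The function names, the mask constant and the sampling seed are assumptions chosen for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define MASK28 0x0FFFFFFFu  /* DES key-schedule halves are 28 bits wide */

/* Branching form described in the text: extra work only when the low bit is 1. */
uint32_t rotr28_branching(uint32_t reg) {
    reg &= MASK28;
    if (reg & 1u) {
        reg >>= 1;
        reg |= 1u << 27;   /* prepend the 1 at the left end */
    } else {
        reg >>= 1;
    }
    return reg;
}

/* Branch-free form: the same shift/or/mask sequence for every register value. */
uint32_t rotr28_uniform(uint32_t reg) {
    reg &= MASK28;
    return ((reg >> 1) | (reg << 27)) & MASK28;
}

/* Compare both forms on pseudo-random registers; returns the mismatch count. */
uint32_t rotr28_mismatches(uint32_t samples) {
    uint32_t x = 0x2545F491u, bad = 0;   /* constructed xorshift32 seed */
    while (samples--) {
        x ^= x << 13; x ^= x >> 17; x ^= x << 5;
        bad += rotr28_branching(x) != rotr28_uniform(x);
    }
    return bad;
}

int main(void) {
    printf("mismatches: %u\n", rotr28_mismatches(1000000));
    return 0;
}
```

Whether the compiled code is actually branch-free has to be confirmed in the generated assembly for the target. A uniform instruction sequence still processes key-dependent data, which is the bias differential power analysis works from.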

There are, however, some algorithms with inherently significant branching. To eliminate information leakage from these, software engineers may have to be very creative. This creative engineering may cause a performance reduction (typically in speed), and will almost always require greater development effort, which must be weighed against the possibility of power analysis. An alternative, in some cases, is to use a hard-wired hardware cryptographic device. The power consumption of such devices can vary very little, due to their construction. However, in the case of smart cards, for example, it is not always possible to replace software implementations with hardware implementations.

Differential power analysis is more difficult to prevent, since even small biases in the power consumption can lead to exploitable weaknesses. Some countermeasure strategies involve algorithmic modifications such that the cryptographic operations occur on data that is related to the actual value by some mathematical relationship that survives the cryptographic operation. This is called blinding, and usually implies an algorithm that is based on number theory, such as factoring or discrete logarithms.
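RSA base blinding is one well-known instance of the blinding idea above, shown here as an added example that is not part of the original article. The toy key (n = 3233, e = 17, d = 2753), the function names and the caller-supplied blinding value r are assumptions for illustration; a real implementation draws a fresh random r for every operation.

```c
#include <stdint.h>
#include <stdio.h>
/* Constructed toy RSA key (n = 61 * 53); far too small for real use. */
#define N 3233u
#define E 17u
#define D 2753u
/* Square-and-multiply. Its branch on exponent bits is itself an SPA concern;
   blinding only changes the data this routine operates on. */
static uint32_t modpow(uint32_t base, uint32_t exp, uint32_t mod) {
    uint64_t result = 1, b = base % mod;
    while (exp) {
        if (exp & 1u) result = result * b % mod;
        b = b * b % mod;
        exp >>= 1;
    }
    return (uint32_t)result;
}

/* Modular inverse (extended Euclid); returns 0 when gcd(a, mod) != 1. */
static uint32_t modinv(uint32_t a, uint32_t mod) {
    int64_t t = 0, new_t = 1, r = mod, new_r = a % mod, q, tmp;
    while (new_r != 0) {
        q = r / new_r;
        tmp = t - q * new_t; t = new_t; new_t = tmp;
        tmp = r - q * new_r; r = new_r; new_r = tmp;
    }
    if (r != 1) return 0;
    return (uint32_t)(t < 0 ? t + mod : t);
}

uint32_t rsa_private_plain(uint32_t c) { return modpow(c, D, N); }

/* Value the secret exponentiation actually sees: c * r^e mod n. */
uint32_t rsa_blind(uint32_t c, uint32_t r) {
    return (uint32_t)((uint64_t)(c % N) * modpow(r, E, N) % N);
}

/* Blinded private operation; returns N (out of range) if r is not invertible. */
uint32_t rsa_private_blinded(uint32_t c, uint32_t r) {
    uint32_t r_inv = modinv(r, N);
    if (r_inv == 0) return N;
    uint32_t s_blind = modpow(rsa_blind(c, r), D, N);  /* = c^d * r mod n */
    return (uint32_t)((uint64_t)s_blind * r_inv % N);
}

int main(void) {
    printf("%u %u\n", rsa_private_plain(2790), rsa_private_blinded(2790, 7));
    return 0;
}
```

The result is identical with and without blinding, while the input to the secret-key exponentiation changes with every r, so repeated measurements of the same ciphertext no longer line up on the same intermediate values.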

Countermeasures to simple and differential power analysis attacks are covered by patents.[3]


  1. ^ P. Kocher, J. Jaffe, B. Jun, "Differential Power Analysis," technical report, 1998; later published in Advances in Cryptology - Crypto 99 Proceedings, Lecture Notes In Computer Science Vol. 1666, M. Wiener, ed., Springer-Verlag, 1999.
  2. ^ NSA R21 Informal Technical Report R21-TECH-30-95, "Capstone (MYK-80) Specifications", 14 August 1995; see heading "Random Power Fluctuations".
  3. ^ "http://www.cryptography.com/technology/dpa/licensing.html".