Symmetric ciphers are highly efficient from the computational point of view, but they have an important drawback: key management is extremely inefficient. First of all, the secret key must be exchanged securely, and encrypting it under another symmetric key is not a solution, since that key would have to be exchanged in turn and the same problem would be repeated. If the key is leaked, it must be revoked and a new one shared. In addition, each secure link requires its own key: every pair of users must be assigned a unique key known only to its two owners, so the overall number of keys grows quadratically with the number of users (n(n-1)/2 keys for n users). If instead a single key is shared within a group, there is no way to identify the sender within the group, or to restrict a message to a subset of authorized receivers.

Public-key (asymmetric) cryptosystems are the solution to these issues. Each user has a pair of keys: a secret key (the private key) and a public key. The two keys are mathematically related: it is easy to compute the public key from the private key, but the inverse is computationally infeasible. Thus each user generates a random private key, computes the corresponding public key and publishes it; other users learn only the public key and are unable to invert the process to obtain the private key. In the textbook (RSA-style) description, what is encrypted with one of the keys can be decrypted only with the other: for instance, if a message is encrypted with our public key, only our private key can decrypt it. This scheme provides some very important properties for secure communications:
Confidentiality: the guarantee that the message will not be read by an unauthorized user; it is achieved by encrypting the message with the public key of the receiver, so that only the receiver's private key allows decryption.
Authentication: the proof of the sender's identity, certifying that the sender of the message is actually who he claims to be; it is achieved by applying the sender's private key to the message (in practice, to its digest, see Integrity below), producing a signature that can be verified only with the sender's public key, thus revealing his identity.
Non-repudiation: strictly related to the previous concept, it means that the sender cannot deny having sent the message. It rests on the assumptions that the private key is known only to its legitimate owner and that it cannot be inferred from the public key: the message could therefore not have been signed by any other user.
Integrity: the guarantee that the message was not modified or tampered with, and is exactly the message that was transmitted at the source. It is usually achieved by attaching a digest of the message, computed with a commonly agreed hash function; then only the digest is encrypted with the sender's private key. At the receiving end, the receiver computes the digest of the received message, decrypts the received digest with the sender's public key and compares the two, which proves that neither was modified. The system relies on the security of the hash function, i.e., on the difficulty of creating different messages with the same digest (collision and second-preimage attacks).
Elliptic Curve Cryptography
Another way to define public-key algorithms is to use elliptic curves. In contrast to RSA, whose computations take place in the multiplicative group of integers modulo $n$, computations take place in a finite additive group of points. An elliptic curve $E$ over a field $K$ is defined by the Weierstrass equation $E : y^2 + a_1 xy + a_3 y = x^3 + a_2 x^2 + a_4 x + a_6$. The set of points $(x, y) \in K^2$ that are solutions of $E$, together with the point at infinity $O$, forms an additive abelian group whose neutral element is $O$; for $K = \mathbb{F}_p$ it is denoted $E(\mathbb{F}_p)$. The group operation is called addition for two distinct points and doubling otherwise; each elliptic curve group operation consists of many field operations (multiplications, squarings and, in affine coordinates, one inversion). For a field $\mathbb{F}_p$ of characteristic different from 2 and 3, the equation $E$ can be simplified to the short Weierstrass form $E : y^2 = x^3 + ax + b$, $a, b \in K$, with $4a^3 + 27b^2 \neq 0$ so that the curve is non-singular. In order to encrypt a message using ECC we have to choose an elliptic curve $E$ defined over a prime field $\mathbb{F}_p$ such that the order of $E$ is divisible by a large prime $q$, and then choose a base point $P$ on $E$ of order $q$.
Obviously the choice of $E$ and $P$ is crucial for the security of the system. The order of the base point $P$ must be a large prime, since the security rests on the hardness of the discrete logarithm problem in the subgroup generated by $P$, and a subgroup of small or smooth order can be attacked directly (Pohlig-Hellman).
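The curve arithmetic described in this section, as an added example that is not part of the thesis: affine point addition, doubling and double-and-add scalar multiplication on a short Weierstrass curve over $\mathbb{F}_p$, followed by the check that the chosen base point $P$ has prime order and a toy Diffie-Hellman exchange in the subgroup it generates. The curve $y^2 = x^3 + 2x + 2$ over $\mathbb{F}_{17}$ with $P = (5, 1)$ is a textbook toy curve, chosen here as an assumption for readability; on it $P$ has order 19, so $\langle P \rangle$ is cyclic of prime order. Real curves use $p$ of 256 bits or more, and the order of $P$ is then obtained by point-counting algorithms rather than by the brute-force loop used below.

```python
import random

# Added example (not from the thesis): affine arithmetic on a short Weierstrass
# curve y^2 = x^3 + a*x + b over F_p. The toy curve over F_17 used in demo() is
# an assumption for readability; real curves use primes of 256 bits or more.

O = None  # the point at infinity, neutral element of the group


class Curve:
    def __init__(self, p: int, a: int, b: int):
        # Short Weierstrass form needs characteristic != 2, 3 and a
        # non-singular curve (discriminant 4a^3 + 27b^2 != 0).
        if p <= 3 or (4 * a**3 + 27 * b**2) % p == 0:
            raise ValueError("invalid curve parameters")
        self.p, self.a, self.b = p, a, b

    def on_curve(self, P) -> bool:
        if P is O:
            return True
        x, y = P
        return (y * y - (x**3 + self.a * x + self.b)) % self.p == 0

    def add(self, P, Q):
        """Group law: 'addition' for distinct points, 'doubling' for P == Q.
        Each call costs a few field multiplications and one inversion."""
        p = self.p
        if P is O:
            return Q
        if Q is O:
            return P
        x1, y1 = P
        x2, y2 = Q
        if x1 == x2 and (y1 + y2) % p == 0:
            return O  # Q == -P (this also covers doubling a point with y == 0)
        if P == Q:
            s = (3 * x1 * x1 + self.a) * pow(2 * y1, -1, p) % p  # tangent slope
        else:
            s = (y2 - y1) * pow(x2 - x1, -1, p) % p              # chord slope
        x3 = (s * s - x1 - x2) % p
        y3 = (s * (x1 - x3) - y1) % p
        return (x3, y3)

    def mul(self, k: int, P):
        """Scalar multiplication k*P by left-to-right double-and-add."""
        R = O
        for bit in bin(k)[2:]:
            R = self.add(R, R)
            if bit == "1":
                R = self.add(R, P)
        return R

    def order(self, P) -> int:
        """Smallest q > 0 with q*P = O, by repeated addition. Feasible only on
        toy curves; real curves use point counting (e.g. Schoof/SEA)."""
        q, R = 1, P
        while R is not O:
            R = self.add(R, P)
            q += 1
        return q


def is_prime(n: int) -> bool:
    """Trial division, enough for the tiny group orders of a toy curve."""
    return n > 1 and all(n % d for d in range(2, int(n ** 0.5) + 1))


def demo():
    """Returns (order of P, whether that order is prime, whether both ECDH parties agree)."""
    E = Curve(17, 2, 2)   # y^2 = x^3 + 2x + 2 over F_17 (constructed toy curve)
    P = (5, 1)
    assert E.on_curve(P)
    q = E.order(P)        # 19, which is prime: P generates a group of prime order
    # Toy Diffie-Hellman in <P>: private scalars d_A, d_B in [1, q-1],
    # public points Q_A = d_A*P, Q_B = d_B*P, shared secret d_A*d_B*P.
    d_a, d_b = random.randrange(1, q), random.randrange(1, q)
    Q_a, Q_b = E.mul(d_a, P), E.mul(d_b, P)
    return q, is_prime(q), E.mul(d_a, Q_b) == E.mul(d_b, Q_a)


if __name__ == "__main__":
    print(demo())  # (19, True, True)
```

The `order` check is the one a practitioner would run on any proposed base point: if it returned a composite, the discrete logarithm in $\langle P \rangle$ would split into smaller problems and the private scalars of the exchange could be recovered piecewise.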
The trend towards miniaturisation and portability of every computing device has led to the development of smart cards: small computing devices the size of a credit card, equipped with a processing unit, some memory and dedicated coprocessors for cryptographic computations. The microprocessor embedded in the card, once coupled with a reader, has the processing power to serve many different applications. By means of cryptographic algorithms, smart cards make personal data available only to the appropriate users.
Since its commercial launch in 1992, the smart card has taken full advantage of the miniaturisation of circuits and, although the maximum area of the chip is standardized to 25 mm², the circuits have evolved towards more computing capability. Smart cards are used in combination with terminals: bank cards with payment terminals, prepaid phone cards with public phones, or SIM cards, whose terminal is the mobile phone. Most of the time they are links in the security chain of a larger system. The industry has adopted the ISO/IEC 7816 standard to facilitate interoperability of smart cards, and FIPS 140 to certify the security of the cryptographic module they implement.
The integrated circuit, shown in figure 2.8, may contain a microprocessor (CPU) capable of processing this information and specialized cryptographic hardware implementing algorithms such as RSA, 3DES or AES. Smart cards are mainly used as means of personal identification (identity card, SIM card), for payment services (credit card) or for prepaid services (phone card, pay-TV).
Table of contents:
List of Figures
List of Tables
2 Physical Attack On Cryptographic Implementation
2.1.1 Symmetric Ciphers
2.1.2 Asymmetric Cryptography
2.2 Smartcard Architecture
2.3 Side Channel Attack
2.3.1 Timing Attack
2.3.2 Power Analysis
2.3.3 Electromagnetic Analysis
2.4 Fault Attacks
2.4.1 Power Spikes
2.4.2 Clock Glitches
2.4.3 Optical Attack
2.4.4 Electromagnetic Perturbations Attack
2.4.5 Definition of Fault Model
2.4.6 Fault Attack on AES
2.4.7 Summary of DFA on AES
3 Practical Attacks on AES
3.1 Global Attack: Setup time violation attack
3.1.1 Attack Theory
3.1.2 Acquisition Platform
3.1.3 Fault Analysis
3.1.4 Attack on ASIC
3.1.5 Attack on FPGA
3.2 Local Attack: Optical Fault Injection
3.2.2 Practical Setup
3.2.3 Experimental Results
4 Fault Attack Countermeasures
4.1 Fault Detection
4.1.2 Concurrent Error Detection
4.1.3 Cyclic Redundancy Check
4.1.4 Non Linear Robust Code
4.1.5 Double-Data-Rate as countermeasure
4.1.6 Low cost countermeasure against setup time violation attacks
4.2 Fault Resilience
4.2.1 Comparison between Detection and Resilience
4.2.2 Further Merits of the Fault Injection Resilience "FIR"
4.2.3 Related Works
4.2.4 Some Practical Implementations of FIR
4.2.5 Dual-Rail with Precharge Logic as a Global Countermeasure against Implementation-Level Attacks
4.2.6 Cost Estimation of FIR versus Traditional Approaches
4.2.7 Associating Three Protections to Reduce the Probability of a Successful FIA
4.2.8 Applicability of Resilience with Certification Procedures
4.3 Case study on WDDL
4.3.1 Wave Dynamic Differential Logic
4.3.2 Design Flow for WDDL Implementation
4.3.3 Experimental Results
4.3.4 Theoretical Fault Analysis on AES in WDDL
4.3.5 WDDL w/o EPE
4.3.6 Analysis of the DFA Protection for DPL w/o EPE