Hardware and software implementations of cryptographic algorithms: state of the art 


Smart Card Readers

A Smart Card Reader reads the data off a SC. SC Readers are used as a communication device between the SC and a host, e.g. a Personal Computer linked to a SC Reader, a POS terminal, an Automatic Teller Machine (ATM) or a mobile telephone (Figure 1.9). Celator can be included in a SC Reader.
In order to check and ensure the customer's identity and authenticity, a SC Reader can ask the user to enter their Personal Identification Number (PIN), and then perform one or more cryptographic algorithms. The algorithms to be used depend on the service required by the user. For instance, the AES can be used to encrypt a message, while the SHA can be used to sign a message. Of course, a SC Reader that is able to execute several cryptographic algorithms can offer more services to users than a single-algorithm one.

Side channel attacks

Using some cryptographic algorithms may not be enough to ensure identification and access to confidential data like a bank account, because SC and SC Readers can leak information if they are not protected from attacks. They have to be protected against attacks.
Several kinds of attacks exist:
1. social attacks against the people who develop or use the SC
2. static physical attacks (power is not supplied)
3. dynamic physical attacks (power is supplied)
4. passive logical attacks (the hacker tries to obtain information from encrypted data)
5. active logical attacks (the hacker is able to manipulate encrypted data)
These kinds of attacks cannot all be addressed at once. Several studies, and hardware and software developments at different levels, are required as countermeasures. We will detail the type 3 attack above, and more particularly the side channel attack.
In cryptography, a side channel attack is any attack based on information gained from the physical implementation of a crypto-system, rather than on theoretical weaknesses in the algorithms, which is the aim of cryptanalysis. Examples of side channel attacks are the following:
timing analysis attack, based on measuring the execution time of certain arithmetic or logical operations;
power analysis attack, based on analysing the power consumption during the execution of a given algorithm;
TEMPEST (also known as van Eck) attack, based on the analysis of the electromagnetic radiation emitted;
acoustic analysis, based on measuring the noise emitted by the SC during a given operation.
In all cases, the underlying principle is that physical effects caused by some operations of a crypto-system (on the side) can provide useful extra information about secrets in the system, for example the cryptographic key, partial state information, full or partial plaintexts and so forth.
The next sections detail the various side channel attacks.

Timing analysis

A timing attack watches the I/O data movement of the CPU and of the memory while an algorithm is running. Simply by observing how long it takes to transfer key information, it is sometimes possible to determine how long the key is. Internal operational stages in many cipher implementations provide information (typically partial) about the plaintext, key values and so on, and some of this information can be inferred from observed timings. Alternatively, a timing attack may simply watch the time a cryptographic algorithm requires.
One possible countermeasure is to make all supported operations take the same time. For instance, encryption and decryption must have the same execution time. If one operation is faster than the other, some random operations which do not modify the final result (masking data as shown in [23], no-operations, etc.) can be added.
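The PIN check of a SC Reader is a concrete case of the timing leak described above. The following is an added example, not code from the thesis or from Celator: it contrasts an early-exit comparison, whose amount of work grows with the number of correct leading bytes, with a comparison that always examines every byte. The function names and the PIN value are constructed for illustration; the "bytes examined" count stands in for execution time.

```python
from typing import List, Tuple

def early_exit_compare(expected: bytes, given: bytes) -> Tuple[bool, int]:
    """Compare byte by byte and stop at the first mismatch.

    Returns (equal, bytes_examined). The second value is a proxy for the
    execution time: it grows with the length of the matching prefix, so an
    observer who can time the check learns how many leading bytes were right.
    """
    if len(expected) != len(given):
        return False, 0
    examined = 0
    for a, b in zip(expected, given):
        examined += 1
        if a != b:
            return False, examined
    return True, examined

def constant_time_compare(expected: bytes, given: bytes) -> Tuple[bool, int]:
    """Examine every byte regardless of where a mismatch occurs.

    Mismatches are accumulated with XOR/OR so there is no data-dependent
    branch; the work done (and hence the time) depends only on the length.
    """
    if len(expected) != len(given):
        return False, 0
    acc = 0
    examined = 0
    for a, b in zip(expected, given):
        examined += 1
        acc |= a ^ b
    return acc == 0, examined

# Constructed sample PIN (not a real value) and three guesses sharing
# 0, 2 and 4 correct leading digits with it.
STORED_PIN = b"7391"
GUESSES = [b"1111", b"7311", b"7391"]

def leak_profile(check) -> List[int]:
    """Bytes examined by `check` for each guess, in order."""
    return [check(STORED_PIN, g)[1] for g in GUESSES]

if __name__ == "__main__":
    print("early exit   :", leak_profile(early_exit_compare))     # [1, 3, 4]
    print("constant time:", leak_profile(constant_time_compare))  # [4, 4, 4]
```

In production Python code the standard library's hmac.compare_digest provides the constant-time comparison; the hand-written version above only makes the principle visible.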

Power dissipation analysis: SPA, DPA

A power monitoring attack can provide similar information by observing the power lines to the hardware, especially the CPU. As with a timing attack, considerable information is inferable for some algorithm implementations under some circumstances.
Among these attacks, the first to be developed was Simple Power Analysis (SPA). The current samples are analysed in order to obtain information. The following operations are considered as leaks and can be attacked by SPA:
writing '1' or '0' into the storage media (RAM, ROM, registers, etc.): the transition currents from the p-plane to the n-plane (and vice versa) of CMOS transistors are different, therefore writing a '1' is different from writing a '0';
comparing data values stored in memory (e.g. in conditional branching) can cause a variation of the power consumption;
the execution of certain operations like exponentiation (power elevation), in which there is a high correlation between the duration (and hence the power consumption) of the operation itself and the exponent.
In 1999 SPA attacks could be performed easily and cost only 400$, as detailed in [24].
Another power analysis based attack, more efficient than SPA, is the Differential Power Analysis (DPA) attack, which works even on small signals [25]. In order to perform a DPA, first an attacker must be able to precisely measure the power consumption. Second, the attacker needs to know what algorithm is computed, and third the attacker needs the plaintexts or ciphertexts. The strategy of the attacker is to make a lot of measurements and then divide them, with the aid of some oracle, into two or more different sets. Then statistical methods are used to verify the oracle. If and only if the oracle was right, one can see noticeable peaks in the statistics.
A direct countermeasure against SPA and DPA is to parallelize all computations. In this way the electrical noise produced makes the power analysis harder to perform. The coprocessor's architecture we present here allows the computations to be parallelized. Furthermore, the Atmel technology we used allows '1' and '0' to be written securely into the memory. Therefore we will consider the writing operations as trusted ones.
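The exponentiation leak listed above, and the "add operations that do not change the result" countermeasure from the timing section, can both be seen in a square-and-multiply routine. The following is an added example (not code from the thesis or from Celator): it records the sequence of squarings and multiplications as a stand-in for an SPA trace, showing that the naive version spells out the exponent while the always-multiply version produces a trace that depends only on the exponent's bit length. Function names are constructed for illustration; Python integer arithmetic is not itself constant-time, so this models the operation sequence rather than being a countermeasure by itself.

```python
from typing import Tuple

def square_and_multiply(base: int, exp: int, mod: int) -> Tuple[int, str]:
    """Left-to-right binary exponentiation as usually written.

    Returns (result, trace); the trace holds 'S' for each squaring and 'M'
    for each multiplication. A multiply occurs only for exponent bits equal
    to 1, so the trace (and the power profile it stands in for) reveals exp.
    """
    result, trace = 1, []
    for bit in bin(exp)[2:]:
        result = (result * result) % mod
        trace.append("S")
        if bit == "1":
            result = (result * base) % mod
            trace.append("M")
    return result, "".join(trace)

def square_and_always_multiply(base: int, exp: int, mod: int) -> Tuple[int, str]:
    """Same computation with a dummy multiplication on every 0 bit.

    The multiplication is always executed and its result is kept only when
    the bit is 1 (selection by index, not by a branch), so every bit costs
    exactly one 'S' and one 'M' whatever its value.
    """
    result, trace = 1, []
    for bit in bin(exp)[2:]:
        result = (result * result) % mod
        trace.append("S")
        candidates = (result, (result * base) % mod)  # both always computed
        result = candidates[int(bit)]
        trace.append("M")
    return result, "".join(trace)

def bits_recovered_from_trace(trace: str) -> str:
    """What an observer reads back from a trace: each 'S' opens a new bit
    (assumed 0); an 'M' directly after it upgrades that bit to 1."""
    bits = ""
    for op in trace:
        bits = bits + "0" if op == "S" else bits[:-1] + "1"
    return bits

if __name__ == "__main__":
    # Constructed toy parameters: 3^11 mod 1000 = 147, exponent 11 = 0b1011.
    value, leaky = square_and_multiply(3, 11, 1000)
    _, regular = square_and_always_multiply(3, 11, 1000)
    print(value, leaky, bits_recovered_from_trace(leaky))    # 147 SMSSMSM 1011
    print(regular, bits_recovered_from_trace(regular))       # SMSMSMSM 1111
```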


Electromagnetic analysis

As a fundamental and inevitable fact of electrical life, current fluctuations generate radio waves, and these currents are subject, at least in principle, to a TEMPEST or van Eck attack. If the currents concerned are patterned in distinguishable ways, which is typically the case, the radiation can be recorded and used to infer information about the operation of the associated hardware.
If the relevant currents are those associated with a display device (i.e. highly patterned and intended to produce human-readable images), the task is greatly eased. Cathode Ray Tube (CRT) displays use substantial currents to steer their electron beams and they have been 'snooped' in real time with minimum-cost hardware from considerable distances (hundreds of meters have been demonstrated). Liquid Crystal Displays (LCDs) require and use smaller currents and are less vulnerable than CRT displays, which is not to say they are invulnerable.
As we said in the previous section, a parallel architecture allows good protection even against TEMPEST attacks, because the computed data are dispatched to several components working concurrently. Celator can exploit this protection against TEMPEST attacks thanks to its parallel structure.

Acoustic analysis

As an inescapable fact of electrical life in actual circuits, flowing currents heat the materials through which they flow. These materials also continually transmit heat to the environment due to other equally fundamental facts of thermodynamic existence, so there is a continually changing thermally induced mechanical stress as a result of these heating and cooling effects. That stress appears to be the most significant contributor to low-level acoustic (i.e. noise) emissions from operating CPUs. Recent research by Shamir et al. [26] has demonstrated that information about the operation of crypto-systems and algorithms can be obtained in this way by the so-called acoustic attack. This kind of attack is easy to perform on hardware machines which include a big CPU and a hard disk.

Conclusions

In this chapter we have presented how security techniques have changed from the ancient Greeks to the present day. Smart cards are used to secure confidential data, ensure privacy, and provide the authenticity and the integrity of an information message. SC and SC Readers include cryptographic algorithms. Moreover, they have to be resistant to side channel attacks.
The rest of the thesis is organised as follows. Chapter 2 describes some algorithms implemented in Celator, i.e. AES, DES and SHA. The state of the art of hardware and software cryptographic implementations is presented in Chapter 3. The Celator hardware architecture is detailed in Chapter 4. The Celator software programming is shown in Chapter 5. Finally, some conclusions are given in Chapter 6.

Three cryptographic algorithms

This chapter briefly introduces three algorithms that have been implemented in Celator: the AES, the DES and the SHA. The reader can find their complete descriptions in [1, 2, 3]. The AES, the DES and the SHA are presented in sections 2.1, 2.2 and 2.3, respectively.

The AES algorithm

The Advanced Encryption Standard (AES) specifies a Federal Information Processing Standards (FIPS) [1] approved cryptographic algorithm that can be used to protect electronic data. The AES algorithm is a symmetric block cipher that can encrypt or decrypt information. The AES algorithm is capable of using cryptographic keys of 128, 192 and 256 bits. These different versions are called AES-128, AES-192 and AES-256 respectively, and all versions can be performed by Celator. In this work, we focus on AES-128. The plaintext consists of 128-bit data blocks. Each block can be managed as a matrix of 4×4 bytes (Table 2.1).

Table of contents :

1 Introduction 
1.1 Security and insecurity
1.1.1 From Herodotus to cryptographic processors
1.1.2 The Evaluation Assurance Level
1.2 From the Smart-Cards to the secure products
1.2.1 Smart Cards
1.2.2 A secure Environment
1.2.3 The Smart Cards market trend
1.2.4 Smart Card Readers
1.3 Side channel attacks
1.3.1 Timing analysis
1.3.2 Power dissipation analysis: SPA, DPA
1.3.3 Electromagnetic analysis
1.3.4 Acoustic analysis
1.4 Conclusions
2 Three cryptographic algorithms 
2.1 The AES algorithm
2.2 The DES algorithm
2.3 The SHA
2.4 Conclusions
3 Hardware and software implementations of cryptographic algorithms: state of the art 
3.1 General Purpose Processors
3.1.1 The NEC DRP
3.1.2 The Crow FPGA Implementation
3.1.3 The Zippy Project
3.2 Hardwired macros
3.2.1 The Sharma macro
3.2.2 The G-Plus AES implementation
3.2.3 The Trichina Coprocessor
3.2.4 The Eli Biham DES implementation
3.2.5 The Saqib implementation of DES
3.2.6 The Ahmad hardware implementation of SHA
3.2.7 The Chavez hardware implementations of SHA
3.2.8 The Cadence Hashing Algorithm Generator SHA-256
3.3 Conclusions
4 Proposing a reconfigurable cryptographic coprocessor: Celator 
4.1 The system: CPU, Memory, peripherals, bus
4.2 Celator hardware architecture
4.2.1 The Processing Element Array
4.2.2 The Processing Element - Confidential
4.2.3 The Controller - Confidential
4.2.4 CRAM
4.2.5 The Interface unit
4.3 Considerations about Celator hardware architecture
5 Validating Celator on FPGA 
5.1 AES
5.1.1 Implementation of the AES into a PE Array - Confidential
5.1.2 FPGA results
5.1.3 ASIC results
5.2 DES
5.2.1 Implementation of the DES into a PE Array - Confidential
5.2.2 FPGA results
5.2.3 ASIC results
5.3 SHA
5.3.1 Implementation of the SHA into a PE Array - Confidential
5.3.2 FPGA results
5.3.3 ASIC results
6 Conclusions and Further Work 
7 Summary in French of the thesis entitled « Design and development of a reconfigurable cryptographic co-processor » by Daniele Fronte 
7.1 Summary
7.2 Introduction
7.3 Three cryptographic algorithms
7.3.1 The AES algorithm
7.3.2 The DES algorithm
7.3.3 The SHA algorithm
7.4 Hardware and software implementations of cryptographic algorithms: state of the art
7.4.1 The NEC DRP
7.4.2 The SHARMA macro
7.5 The Celator hardware architecture
7.5.1 The PE array
7.5.2 The Sequencer
7.5.3 The CRAM
7.6 How Celator executes the cryptographic algorithms
7.6.1 The AES transformations
7.6.2 The DES transformations
7.6.3 The SHA-256 transformations
7.6.4 ECB and CBC modes
7.7 Results and discussion
7.8 Conclusions

