Introduction
The evolution of power analysis attacks, which analyze the power consumption of cryptographic devices such as smart cards to break their security, has challenged all the major private and public key cryptographic algorithms. The most convincing reason for using power as the medium of such attacks is the absence of internal power cells in such devices. As a result, they always need a power supply from an external source in order to execute. The use of Complementary Metal-Oxide Semiconductor (CMOS) technology in modern cryptographic devices has contributed greatly to meeting their computational requirements. However, the property of CMOS by which its total power depends on the data and operations performed, as shown in equation 1, left a loophole for eavesdroppers.
(1) where,
Pnoise was due to unwanted noise, which may be removed by techniques like averaging, and Pconst. was the constant power of the hardware. Hence, if the instantaneous power consumption of such devices could be monitored and retrieved, it could reveal both their operations and the data used (Sun, Yen & Zambreno, 2008). For cryptographic devices, these data could be the plaintext, the ciphertext or the secret key used for encryption and decryption. Differential Power Analysis (DPA) attacks, which analyze the power consumption statistically, were first discussed by P. Kocher et al. (1999), who examined cryptographic devices with embedded Data Encryption Standard (DES). Their work showed not only the success of power analysis in retrieving the secret key, but also the possibility of mounting such attacks on any cryptographic device. Later, J. D. Grolic et al. (2002), M. Joyce et al. (2005), J. Jaffe (2007) and many others showed that even the Advanced Encryption Standard (AES) was vulnerable to DPA. Soon a number of works that made power analysis more potent and effective appeared in the literature. However, the performance of these attacks improved significantly with the evolution of Correlation Power Analysis (CPA), in which the dependency between the power consumption of the device and the processed data is analyzed through power models (Brier, Clavier & Oliver, 2004). But, while computing correlations, some additional unwanted power consumption peaks called “ghost peaks” appeared, which created confusion in identifying the actual power details of the device. Due to these ghost peaks, a large number of power traces were required for analysis, thus challenging the early threat of power analysis attacks.
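The correlation step and the ghost peaks it produces can be reproduced on simulated data; the following is an added illustration, not code from the article. It assumes an additive total power (data-dependent term plus Pnoise plus Pconst.), a Hamming-weight power model on plaintext XOR key, and constructed values for the key byte, noise level and all function names.

```python
import random
from math import sqrt

HW = [bin(v).count("1") for v in range(256)]  # assumed power model: Hamming weight

def simulate_traces(key, n, sigma, p_const, rng):
    """Constructed data: P_total = HW(p ^ key) + P_noise + P_const per encryption."""
    plaintexts = [rng.randrange(256) for _ in range(n)]
    power = [HW[p ^ key] + rng.gauss(0.0, sigma) + p_const for p in plaintexts]
    return plaintexts, power

def pearson(xs, ys):
    """Sample Pearson correlation; P_const drops out because means are subtracted."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    return cov / sqrt(vx * vy)

def cpa_rank(plaintexts, power):
    """Return [(guess, correlation)] for all 256 key-byte guesses, best first."""
    scores = [(pearson([HW[p ^ g] for p in plaintexts], power), g) for g in range(256)]
    return [(g, r) for r, g in sorted(scores, reverse=True)]

def run(n_traces, key=0x3C, sigma=2.0, seed=1):
    """Simulate n_traces measurements of a hypothetical device and rank the guesses."""
    rng = random.Random(seed)
    plaintexts, power = simulate_traces(key, n_traces, sigma, 5.0, rng)
    return cpa_rank(plaintexts, power)

if __name__ == "__main__":
    for n in (50, 500, 3000):
        rank = run(n)
        (best, r0), (ghost, r1) = rank[0], rank[1]
        print(f"{n:5d} traces: best guess {best:#04x} r={r0:.3f}, "
              f"strongest other peak {ghost:#04x} r={r1:.3f}, margin {r0 - r1:.3f}")
```

In this model a guess at Hamming distance d from the key has an expected correlation of (1 - d/4) times that of the correct guess, so the eight one-bit-off guesses form the ghost peaks, and separating them from the true key takes more traces as the noise grows.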