TY - GEN
T1 - Enhancement of simple electro-magnetic attacks by pre-characterization in frequency domain and demodulation techniques
AU - Meynard, Olivier
AU - Réal, Denis
AU - Flament, Florent
AU - Guilley, Sylvain
AU - Homma, Naofumi
AU - Danger, Jean Luc
PY - 2011
Y1 - 2011
N2 - SPA/SEMA (Simple Power/Electro-magnetic Analysis) attacks performed on public-key cryptographic modules implemented on FPGA platforms are well known from the theoretical point of view. However, the practical aspect is not often developed in the literature. But researchers know that these attacks do not always work, like in the case of an RSA accelerator. Indeed, SEMA on RSA needs to make a difference between square and multiply which use the same logic; this contrast with SEMA on ECC, which is easier since doubling and add that are two different operations from the hardware point of view. In this paper, we wonder what to do if a SEMA fails to succeed on a device. Does it mean that no attack is possible? We show that hardware demodulation techniques allow the recording of a signal with more information on the leakage than a raw recording. Then, we propose a generic and fast method enabling to find out demodulation frequencies. The effectiveness of our methods is demonstrated through actual experiments using an RSA processor on the SASEBO FPGA board. We show cases where only demodulated signals permit to defeat RSA.
AB - SPA/SEMA (Simple Power/Electro-magnetic Analysis) attacks performed on public-key cryptographic modules implemented on FPGA platforms are well known from the theoretical point of view. However, the practical aspect is not often developed in the literature. But researchers know that these attacks do not always work, like in the case of an RSA accelerator. Indeed, SEMA on RSA needs to make a difference between square and multiply which use the same logic; this contrast with SEMA on ECC, which is easier since doubling and add that are two different operations from the hardware point of view. In this paper, we wonder what to do if a SEMA fails to succeed on a device. Does it mean that no attack is possible? We show that hardware demodulation techniques allow the recording of a signal with more information on the leakage than a raw recording. Then, we propose a generic and fast method enabling to find out demodulation frequencies. The effectiveness of our methods is demonstrated through actual experiments using an RSA processor on the SASEBO FPGA board. We show cases where only demodulated signals permit to defeat RSA.
KW - Demodulation
KW - Modular Exponentiation
KW - Mutual Information
KW - Simple Electro-Magnetic Analysis
UR - http://www.scopus.com/inward/record.url?scp=79957539694&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=79957539694&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:79957539694
SN - 9783981080179
T3 - Proceedings -Design, Automation and Test in Europe, DATE
SP - 1004
EP - 1009
BT - Proceedings - Design, Automation and Test in Europe Conference and Exhibition, DATE 2011
T2 - 14th Design, Automation and Test in Europe Conference and Exhibition, DATE 2011
Y2 - 14 March 2011 through 18 March 2011
ER -