The Design of Rijndael
Differential Power Analysis in the Presence of Hardware Countermeasures
CHES '00 Proceedings of the Second International Workshop on Cryptographic Hardware and Embedded Systems
Reverse-engineering a cryptographic RFID tag
SS'08 Proceedings of the 17th conference on Security symposium
Picosecond imaging circuit analysis
IBM Journal of Research and Development
Using Optical Emission Analysis for Estimating Contribution to Power Analysis
FDTC '09 Proceedings of the 2009 Workshop on Fault Diagnosis and Tolerance in Cryptography
CMOS VLSI Design: A Circuits and Systems Perspective
CMOS VLSI Design: A Circuits and Systems Perspective
When failure analysis meets side-channel attacks
CHES'10 Proceedings of the 12th international conference on Cryptographic hardware and embedded systems
Smart Card Handbook
Cache Games -- Bringing Access-Based Cache Attacks on AES to Practice
SP '11 Proceedings of the 2011 IEEE Symposium on Security and Privacy
Localized electromagnetic analysis of cryptographic implementations
CT-RSA'12 Proceedings of the 12th conference on Topics in Cryptology
ACM Transactions on Information and System Security (TISSEC)
Breaking and entering through the silicon
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Differential photonic emission analysis
COSADE'13 Proceedings of the 4th international conference on Constructive Side-Channel Analysis and Secure Design
Hi-index | 0.00 |
This work presents a novel low-cost optoelectronic setup for time- and spatially resolved analysis of photonic emissions and a corresponding methodology, Simple Photonic Emission Analysis (SPEA). Observing the backside of ICs, the system captures extremly weak photoemissions from switching transistors and relates them to program running in the chip. SPEA utilizes both spatial and temporal information about these emissions to perform side channel analysis of ICs. We successfully performed SPEA of a proof-of-concept AES implementation and were able to recover the full AES secret key by monitoring accesses to the S-Box. This attack directly exploits the side channel leakage of a single transistor and requires no additional data processing. The system costs and the necessary time for an attack are comparable to power analysis techniques. The presented approach significantly reduces the amount of effort required to perform attacks based on photonic emission analysis and allows AES key recovery in a relevant amount of time.