One field of application for the present invention is to hide side channel leakage of cryptographic chips. Wireless networks, such as sensor networks, for example, are a relatively new technology which has nevertheless succeeded in acquiring commercial relevance. In the field of automation engineering, the use of wireless systems and also wireless sensor networks will gain in importance in the years ahead and will generate competitive advantage if providers can offer secure wireless systems.
One important security aspect lies in the protection of critical info structures. Wireless systems are used intensively in this area also.
The use of wireless systems gives rise to the following changes regarding the safeguarding of IT security:
1. Every wireless device can be physically attacked, not only via the network connection, but also directly after purchase. Standard security solutions originating from the field of fixed network communication, where all attacks are channeled through the Internet connection, are no longer adequate.
2. Wireless devices cannot always be contacted. If the wireless link is poor, or if the devices are in power-saving mode, breaks in contact may occur, lasting from a few seconds to minutes or even hours. Since the visibility of the wireless device changes, an attacker can steal one, unnoticed by the lawful owner, and examine it in his laboratory in order to extract a secret cryptographic key, for example, which not only destroys the confidentiality of communication, but also allows identity theft. The attacker can then return the device or bring a cloned device into the network, without the lawful owner necessarily being able to notice what is happening.
Such an attack is all the more likely to succeed, the faster it can be carried out. This is, because the sooner the attacked device is re-integrated in the network, the lower the likelihood of its temporary absence being discovered. In order to reduce the amount of time needed to carry out an attack on the hardware, such an attack is normally prepared meticulously. The cryptographic hardware is normally attacked in two steps. In the first step, a number of devices are analyzed in order to gain acquaintance with their design and behavior. The aim of this first step is to prepare and facilitate the attack on an actual target device in the second step. Performing such an attack in two steps is conditional on the attacker being able to procure a sufficiently large number of identical devices. That is usually not a problem, because ASICs are produced in large numbers and are so inexpensive that an attacker can easily buy as many ASICs as are needed. After such preparation, the actual target devices can be stolen and attacked.
One known method of attack is differential power analysis (DPA), which involves analyzing how the measurable power traces (PT) of processors depends over time on the processed data while those data are being processed.
The aim of all protective measures against DPA can be briefly formulated as follows: modify the appearance of a crypto-operation's PT is such a way that the attacker is unable to identify which data are being processed when and how.
The following technologies are known for protecting against DPA in the case of a cryptographic application which uses elliptic curve cryptography (ECC):
1. randomizing the key
2. point blinding elliptic curves
3. randomizing the projective coordinates of EC points
The main objective of these DPA countermeasures is to avoid any dependence of measurable power traces (PT) on input data known to the attacker. The input data known to the attacker are combined with random data. As a result, the power traces no longer show the processing of the input data known to the attacker, or any other previously defined (fixed) input data, but the processing of data which are unknown to the attacker.
Other mathematical protective mechanisms randomize how the cryptographic algorithm is executed: the algorithm is no longer executed sequentially in a predefined sequence of mathematical operations, but the mathematical operations are replaced by a “randomly determined order” in such a way that the correct result is nevertheless delivered at the end of the calculation. The attacker is deprived in this way of the knowledge of when exactly, and exactly which operations are executed with exactly which input data.
Protective measures based on randomization have been successfully attacked in the meantime. The ineffectiveness of protective measures is described more and more often in the literature. The development of DPA-resistant implementations is becoming more complicated. Since there are now attacks against protective measures, it is necessary to design and correctly implement protective measures for the protective measures themselves. For example, a DPA protective measure—randomizing the key—can be successfully attacked with a carry-based attack. This means that not only the original cryptographic implementation against DPA must be protected, but that a mechanism must also be developed and implemented which can protect the randomization of the key against a carry-based attack.
Another way of making DPA more difficult is to significantly increase the level of noise while the cryptographic operations are being calculated. Information useful for DPA is concealed (hidden) in the noise. The following measures, among others, can be used to conceal information useful for DPA: introducing dummy operations, introducing random delays and introducing random dummy operations. Since typical ECC circuits are large (with thousands of gates), a signal level of a signal useful for an attacker is high. Increasing the noise level during execution of the EC cryptographic operation (thousands of clocks), in order to conceal the useful information in the noise therefore involves a high power consumption.
The complexity, the implementation time and the costs involved in implementing cryptographic algorithms are thus growing strongly. The power consumption and the chip area required to implement cryptographic application with integrated DPA countermeasures are increasing accordingly.