1. Field of the Invention
The invention relates to countermeasures for preventing determination of cryptographic keys by power analysis of a cryptographic device.
2. Description of Related Art
Near the end of the 20th century, it was discovered that information from a cryptographic device (e.g. a smartcard reader) can be revealed non-intrusively by analysis of the power consumption of the device. Examples of methods of power analysis are known as Simple Power Analysis (SPA) and Differential Power Analysis (DPA). SPA involves visual examination of graphs of the current used by a device as a function of time. As an example, when a complementary metal oxide semiconductor (CMOS) logic circuit changes from a logic 0-state to a logic 1-state, a significant amount of electrical current is drawn from the power supply, whereas in the opposite case a negligible amount is drawn. Likewise, a microprocessor will have different power consumption profiles for different commands. Therefore, in a power trace from a smartcard performing a data encryption standard (DES) encryption, the different rounds can be clearly seen. Also, squaring and multiplication operations of an RSA implementation can be distinguished, thus enabling an eavesdropper to compute the secret key.
DPA statistically analyzes power consumption of a cryptographic device. DPA records the power consumption over many rounds and can then remove noise that would prevent analysis based on SPA.
One method of protecting against power analysis is based on hiding the calculation. This method includes designing the cryptographic device to have a uniform or random power consumption regardless of the operations being performed, for example by adding randomness to the leakage signal or complementing the calculation signal to achieve the uniform power consumption.
An alternative method for protecting the cryptographic device is by masking the calculation. In this method, the cryptographic device is designed to add randomness to the calculation (e.g. additional unnecessary calculations to be performed with the calculation) so that the power consumption is different for each round even if the same data is analyzed.
Other methods add random noise and/or randomize the signal clock to make it harder for the calculation to be identified by DPA.
Typically, each method of protecting the cryptographic device is associated with a level of complexity and may be overcome if enough effort is invested. Therefore, it is of interest to find more complex methods to prevent the method from being cracked.