Encryption is now used for a plurality of applications, such as password protection for wireless networks, smart cards, and others. Various algorithms are used to provide this encryption. Most involve the use of a secret key, which may be 128 bits or more. Messages, which may be referred to as plaintext, are encoded by the source using the secret key, and transmitted to a destination. The destination then uses the same secret key to decrypt the message sent by the source.
Since the secret key has 128 bits, the possibility of breaking the secret key using a brute force attack is small. Many applications utilize this type of encryption. For example, many devices have software or firmware that can be updated. Traditionally, the new software image may be encrypted using the secret key, which insures that only authorized software images are loaded onto the device.
However, recently, side-channel attacks have become more prevalent. A side-channel is a characteristic of the system that unintentionally provides information concerning the secret key. One example of a side-channel is power consumption.
Encryption and decryption algorithms involve various software and/or hardware procedures. Each of these software and/or hardware procedures may typically use a different amount of power. Thus, by monitoring the power consumption of a cryptographic system, it may be possible to deduce the progression of the encryption and decryption algorithms.
In fact, by only monitoring the power consumption of a cryptographic system, it has been demonstrated that it is possible to decipher secret keys from a wide variety of different cryptographic algorithms, such as Advanced Encryption Standard (AES). Techniques used to decipher these secret keys may include simple power analysis (SPA), differential power analysis (DPA), and high order differential power analysis (HO-DPA).
If the secret key that is used to encrypt the software image is compromised, a malicious user may install an unwanted software image on the device or gain access to confidential information.
Therefore, it would be beneficial if there were a system and method that could reduce the possibility that the secret key used by a bootloader is compromised via a side channel attack.