Cryptography is the practice and study of techniques for secure communication in the presence of third parties (often called adversaries). More generally, cryptography is about constructing and analyzing protocols that overcome the influence of adversaries and that relate to various aspects of information security such as data confidentiality, data integrity and authentication. Applications of cryptography include ATM cards, computers and personal digital assistants (PDAs).
Encryption is the process of converting ordinary information (often called plain text) into unintelligible gibberish (often called cipher text). Decryption is the reverse: moving from the unintelligible cipher text back to plain text. A cipher (or cypher) is a pair of algorithms that create the encryption and the reversing decryption. The detailed operation of a cipher is controlled both by the algorithms and, in each instance, by a key. A key is a secret parameter (ideally known only to the communicants) for a specific message exchange context. Symmetric-key cryptography refers to encryption methods in which both the sender and receiver share the same key. Cryptanalysis is the study of methods for obtaining the meaning of encrypted information without access to the key normally required to do so (i.e. the study of how to “crack” encryption algorithms or their implementations).
The Advanced Encryption Standard (AES), adopted by the US government, is one of the most popular algorithms used for symmetric-key cryptography. Because of its theoretical strength and because it is relatively simple to implement in hardware, it has been adopted in many portable electronics (e.g. smart cards and readers). While the AES algorithm itself has been considered to provide adequate security for today's applications, physical implementations of the algorithm on integrated circuits (ICs), for example, may leak information such that secure information may be stolen.
Power analysis attacks have been used with great effectiveness to steal secure information from cryptographic devices. Power analysis attacks exploit the fact that the power consumption behavior (i.e. “side-channel” information) of a cryptographic device is related to the computations performed by the cryptographic device. FIG. 1 is a normalized power trace showing the power consumed during a single AES operation performed on an IC over multiple clock cycles. Otherwise secure information may be stolen from the IC by carefully analyzing a single power trace or multiple power traces.
A differential power analysis (DPA) attack is one form of a power analysis attack. A DPA attack uses a large number of power traces (sometimes more than a hundred thousand traces) and correlates them to a hypothetical power model of a cryptographic algorithm. The use of DPA attacks to obtain otherwise secure information has been highly effective. A DPA attack can reveal a key to the AES algorithm by analyzing fewer than 2000 power traces from a circuit on an IC that implements the AES algorithm (i.e. an AES core). Therefore, it is important that an AES circuit not leak a power “signature” that may be used by DPA attacks to retrieve secure information from the AES circuit.