Side Channel Attack (SCA)

Kresna Devara
7 min read · Jan 2, 2021


Hello, in the previous post I talked about AES. In this post I will talk about something interesting: breaking a cryptographic algorithm. There are two ways to break a cryptographic algorithm. The first is cryptanalysis, as with the Vigenère and Caesar ciphers, and the other is using side channel leakage. DES and AES are very hard to break with cryptanalysis. However, these algorithms can still be broken using leakage from the device that implements them, the side channel.

Attack on Cryptographic Device

There are a lot of cryptographic devices that implement a cryptographic algorithm and store a cryptographic key, for example identification cards, payment cards, mobile phones, multimedia devices, etc.

A cryptographic device is used as a tool to ensure data integrity. However, the cryptographic device might have a weakness in its electronic components.

A good algorithm is not enough to secure a cryptographic device. Other ways to break the device may still be open.

There are two ways of performing attacks:

Active (Perturbate and Conclude) or Fault Attack:

  • Disturb some variables in order to obtain information on sensitive values.
  • Disturb the code execution to force the chip to execute some forbidden operations or to skip some sensitive process.
  • Use the physical properties of the device components: electrical disturbance (glitch), light, heat, electromagnetic radiation.

Passive (Observe and Infer) or Side Channel Analysis:

  • Observe the behavior of the chip.
  • Use the physical properties of the device components: timing variation, power consumption, radio frequency field, electromagnetic radiation.

There are three kinds of physical attack on a cryptographic device:

Non-Invasive Attack: no modification to the device.

  • Can be performed with power, timing or radio frequency analysis or attacks.

Semi-Invasive Attack: open package (the packaging is modified, the chip is exposed), no direct contact with the chip.

  • Can be performed with electromagnetic radiation and radio frequency analysis, or light/laser attacks.

Invasive Attack: open package (the packaging is destroyed, the physical integrity of the chip is modified), direct contact with the chip.

  • Can be performed with circuit modification and laser / Focused Ion Beam (FIB).

Side Channel Attack with Simple Power Analysis (SPA) and Timing Variation

Every embedded system has a varying power consumption that depends on the process running inside it. AND, XOR, OR, multiplication and addition operations have different instantaneous power over time. The CMOS transistors inside the chip take different times to charge and discharge their gates, and this behaviour gives the circuit a different current on every process.

With the help of data acquisition tools, we can capture the power on every process and then use it to analyze the behavior of the system.

In this post I will give an example of breaking PIN authentication with Simple Power Analysis and Timing Variation. In this example the PIN authentication program was running on a ChipWhisperer-Nano board.

CW Nano

The system has a 5-digit PIN (each digit is a letter or a number). This is the pseudo code of the program.

MAIN FUNCTION
    ...
    IF check_PIN(...) == -1
        AnotherProcess()
        PRINT("Failed")
    ELSE
        PRINT("Access Granted")
    ENDIF

FUNCTION check_PIN (USER_PIN, CORRECT_PIN)
    FOR i=1 to PIN_LENGTH
        IF USER_PIN[i] != CORRECT_PIN[i]
            RETURN -1      # early return: the loop stops at the first wrong digit
        ENDIF
    ENDFOR
    RETURN 0

If the user inputs a wrong PIN, the system runs another process before it ends. AnotherProcess() does nothing useful, but takes a random amount of time on every run. You can only input one PIN per attempt in this authentication, and of course the output will be Failed. To break the PIN authentication we will use a divide and conquer technique to recover the correct PIN one digit at a time.

OK, let's start the breaking process.

1. I will guess the first PIN digit with 'x' as the input and capture the power consumption of the board. The following figure shows the power trace of the CW Nano board when running the PIN authentication process.

2. I will use other PIN values to see the differences in the power traces. I will use '1', 'c', 'f', 'r', 'p' as the first PIN value. The following figure shows the result of the 5 different inputs.

3. Nothing changes with these different inputs, so I will try every possible PIN character "abcdefghijklmnopqrstuvwxyz0123456789" on the system and see what happens.

The traces are very noisy, but we can see that out of 36 possible values, only 1 value has a different pattern. The input 'h' with index 7 has a different pattern from the others.

The following figure shows the traces after the trace for input 'h' is hidden.

Wow, the other 35 inputs have the same pattern; only 1 value has a different pattern. We can hypothesize that 'h' is the correct first PIN digit.

If you look at the result, only 2 types of trace pattern exist: the first one is the false pattern, and the second one is the true pattern.

If you look closer at the traces, the true and the false patterns look similar at the beginning and at the end.

We can conclude that the system does the same thing at first, but when the correct PIN digit is input the system executes another process before continuing with the same process that the wrong PIN runs. To see the similarity of the traces I shifted the false trace 11 sample points to the right.

Wow, it is very similar. OK, let's zoom into the traces and look at the interesting pattern in the true trace.

OK, we have found that the interesting pattern appears around sample point 20, with the highest peak at point 22.

4. After we found that the correct first PIN digit is 'h', let's try the second PIN digit and try all possible letters and numbers as in the previous step. After that we can see that the correct PIN executes some process, as shown in the figure below.

We can see that when the correct PIN digit is input, there is a process with a length of 11 sample points.

5. To break all 5 PIN digits, we can analyze the traces for all possibilities one by one until we get all the PIN digits.

Or we can automate the process with this scenario.

FUNCTION checkpass(trace, i):
    # peak for digit 0 is at sample 22; each further correct digit adds 11 samples
    RETURN (trace[22 + 11*i] > 0.45)

MAIN FUNCTION
    trylist = "abcdefghijklmnopqrstuvwxyz0123456789"
    password = ""
    FOR i=0 to 4            # digit index starts at 0 so the first peak is at sample 22
        FOR c in trylist:
            next_pass = password + c + "\n"
            trace = get_traces(next_pass)
            IF checkpass(trace, i):
                password += c
                PRINT("Success, pass now {}".format(password))
                BREAK
            ENDIF
        ENDFOR
    ENDFOR

We already know that the first highest peak is at sample point 22 and that the distance between peaks is 11 sample points, so we can use a threshold value (e.g. 0.45) to detect whether the process is the correct one, and then run 180 (36*5) times to guess the 5 PIN digits.

Voilà, the attack succeeds. We can break the PIN with 180 executions. This method is far more efficient than a normal brute force, where you have to run 36⁵ (60,466,176) executions until you get the correct PIN value.
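To make the leak concrete, here is a simulation added for this post (not the original author's code and not ChipWhisperer's): the observable is the number of compare iterations the check runs, standing in for the extra 11-sample block per correct digit. It runs the divide-and-conquer recovery above against the early-exit check_PIN and against a constant-time version; the PIN "h2x9k", the '?' padding character and the function names are constructed assumptions.

```python
from collections import Counter

SAMPLE_PIN = "h2x9k"   # constructed sample PIN for the simulation
TRYLIST = "abcdefghijklmnopqrstuvwxyz0123456789"
PIN_LENGTH = 5

def check_pin_early_exit(user_pin, correct_pin):
    """Vulnerable check, same logic as check_PIN in the post: it returns at the
    first mismatch. The iteration count it also returns is the simulated side
    channel (one extra 11-sample block per correct digit in the real trace)."""
    iterations = 0
    for u, c in zip(user_pin, correct_pin):
        iterations += 1
        if u != c:
            return -1, iterations
    return 0, iterations

def check_pin_constant_time(user_pin, correct_pin):
    """Hardened check: every digit is compared and the differences are OR-ed
    together, so the amount of work no longer depends on where the mismatch is."""
    diff = 0
    iterations = 0
    for u, c in zip(user_pin, correct_pin):
        iterations += 1
        diff |= ord(u) ^ ord(c)
    return (0 if diff == 0 else -1), iterations

def recover_pin(check, correct_pin):
    """Divide-and-conquer recovery from the post, run against the simulated
    device. Per guess the attacker sees the public result plus the leaked
    iteration count. Returns (recovered_digits, number_of_attempts)."""
    known, attempts = "", 0
    for _ in range(PIN_LENGTH):
        observed = {}
        for c in TRYLIST:
            attempts += 1
            guess = (known + c).ljust(PIN_LENGTH, "?")  # '?' is never a valid digit
            observed[c] = check(guess, correct_pin)
        # As in the post: the correct digit is the single candidate whose
        # observation differs from the other 35.
        counts = Counter(observed.values())
        outliers = [c for c, obs in observed.items() if counts[obs] == 1]
        if len(outliers) != 1:
            return known, attempts   # nothing stands out: no usable leak
        known += outliers[0]
    return known, attempts

if __name__ == "__main__":
    print(recover_pin(check_pin_early_exit, SAMPLE_PIN))     # ('h2x9k', 180)
    print(recover_pin(check_pin_constant_time, SAMPLE_PIN))  # ('', 36)
```

On real firmware the constant-time version also needs a fixed-length input and care that the compiler does not turn the loop back into an early exit. The simulation models only the loop count, not the random delay of AnotherProcess().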

Conclusion

That's all for this introduction to Side Channel Attacks (SCA). This method is powerful enough to break unprotected implementations of cryptographic algorithms like DES, AES, RSA and ECC. In the next post I will talk about how to break DES/AES with non-profiled SCA using Differential Power Analysis (DPA) and Correlation Power Analysis (CPA).

-THANK YOU-
