International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

DPA attacks on keys stored in CMOS cryptographic devices through the influence of the leakage behavior

Authors:
Osman Kocar
Download:
URL: http://eprint.iacr.org/2006/192
Search ePrint
Search Google
Abstract: Abstract: This paper describes the influences of the threshold voltage VT on the leakage behavior of the dice after a fabrication process. By measuring the current consumption (leakage) on a CMOS cryptographic device like smartcard security controller and using the DPA analysis it is possible to make the key visible which is used during a cryptographic operation. Therefore, in this paper not only the security risks by using the smartcard security controller will be shown where no DPA attacks have been performed. Furthermore, it will be shown that the results of DPA analysis only on a coincidentally selected die cannot be representative for the whole production. Rather the DPA analysis must be performed on a particularly selected die with the smallest VT parameter (worst case in the leakage behavior), so that the result for all other dice on the wafer (or for the whole production) can be considered as relevant. Thus, it will be shown that the test labs must use different methods regarding the DPA analysis in order to be able to cover the leakage behavior on all wafers of a production. For further re-evaluation of smartcards it is important that the manufacturer and the test labs can save time and costs by DPA measuring on the special selected worst case die.
BibTeX
@misc{eprint-2006-21685,
  title={DPA  attacks on keys stored in CMOS cryptographic devices through the influence of the leakage behavior},
  booktitle={IACR Eprint archive},
  keywords={smartcards, smart cards},
  url={http://eprint.iacr.org/2006/192},
  note={ osman.Kocar@bsi.bund.de 13305 received 2 Jun 2006, last revised 6 Jun 2006},
  author={Osman Kocar},
  year=2006
}