Power Analysis Attacks -
Revealing the Secrets of Smartcards
DPAbook About the DPA BookTable of Contents  
 
About the DPA Book
- Abstract
- Table of Contents
- Release Date
- Authors

Errata
- Online Errata

Online Material
- Matlab Scripts
- Matlab Workspaces

Links
- Universities
- Industry
- Conferences

Table of Contents

Foreword
Preface
Notation
Glossary
  1. Introduction
    1. Cryptography and Cryptographic Devices
    2. Attacks on Cryptographic Devices
    3. Power Analysis Attacks
    4. Countermeasures Against Power Analysis Attacks
    5. Summary

  2. Cryptographic Devices
    1. Components
    2. Design and Implementation
      1. Design Steps
      2. Semi-Custom Design
    3. Logic Cells
      1. Types of Logic Cells
      2. Complementary CMOS
    4. Summary

  3. Power Consumption
    1. Power Consumption of CMOS Circuits
      1. Static Power Consumption
      2. Dynamic Power Consumption
      3. Glitches
    2. Power Simulations and Power Models for Designers
      1. Analog Level
      2. Logic Level
      3. Behavioral Level
      4. Comparison
    3. Power Simulations and Power Models for Attackers
      1. Hamming-Distance Model
      2. Hamming-Weight Model
      3. Other Power Models
      4. Comparison
    4. Measurement Setups for Power Analysis Attacks
      1. Typical Measurement Setups
      2. Power Measurement Circuits and EM Probes
      3. Digital Sampling Oscilloscopes
      4. Examples of Measurement Setups
    5. Quality Criteria for Measurement Setups
      1. Electronic Noise
      2. Switching Noise
    6. Summary

  4. Statistical Characteristics of Power Traces
    1. Composition of Power Traces
    2. Characteristics of Single Points
      1. Electronic Noise
      2. Data Dependency
      3. Operation Dependency
    3. Leakage of Single Points
      1. Signal and Noise
      2. Signal-to-Noise Ratio
    4. Characteristics of Power Traces
      1. Correlation
      2. Multivariate-Gaussian Model
    5. Compression of Power Traces
      1. Relevant Points of Power Traces
      2. Examples
    6. Confidence Intervals and Hypothesis Testing
      1. Sampling Distribution
      2. Confidence Intervals
      3. Confidence Interval and Hypothesis Test for mu
      4. Confidence Interval and Hypothesis Test for mu_X - mu_Y
      5. Confidence Interval and Hypothesis Test for rho
      6. Confidence Interval and Hypothesis Test for rho_0 - rho_1
    7. Summary

  5. Simple Power Analysis
    1. General Description
    2. Visual Inspections of Power Traces
      1. Example for Software
    3. Template Attacks
      1. General Description
      2. Template Building Phase
      3. Template Matching Phase
      4. Example for a MOV Instruction
      5. Example for the AES Key Schedule
    4. Collision Attacks
      1. Example for Software
    5. Notes and Further Reading

  6. Differential Power Analysis
    1. General Description
    2. Attacks Based on the Correlation Coefficient
      1. Examples for Software
      2. Examples for Hardware
    3. Calculation and Simulation of Correlation Coefficients
      1. Examples for Software
      2. Examples for Hardware
    4. Assessing the Number of Needed Power Traces
      1. Rule of Thumb
      2. Examples
    5. Alternatives to the Correlation Coefficient
      1. Difference of Means
      2. Distance of Means
      3. Generalized Maximum-Likelihood Testing
    6. Template-Based DPA Attacks
      1. General Description
      2. Examples for Software
    7. Notes and Further Reading

  7. Hiding
    1. General Description
      1. Time Dimension
      2. Amplitude Dimension
      3. Methods to Implement Hiding
    2. Architecture Level
      1. Software
      2. Hardware
    3. Cell Level
      1. General Description of DRP Logic Styles
      2. Constant Power Consumption of DRP Logic Styles
      3. Semi-Custom Design and DRP Logic Styles
    4. Examples of DRP Logic Styles
      1. Sense Amplifier Based Logic
      2. Wave Dynamic Differential Logic
    5. Notes and Further Reading

  8. Attacks on Hiding
    1. General Description
      1. Time Dimension
      2. Amplitude Dimension
    2. DPA Attacks on Misaligned Power Traces
      1. Reasons for Misalignment
      2. Alignment of Power Traces
      3. Preprocessing of Power Traces
      4. Examples
    3. Attacks on DRP Logic Styles
      1. Balanced Complementary Wires
      2. Unbalanced Complementary Wires
    4. Notes and Further Reading

  9. Masking
    1. General Description
      1. Boolean vs. Arithmetic Masking
      2. Secret Sharing
      3. Blinding
      4. Provable Security
    2. Architecture Level
      1. Software
      2. Hardware
    3. Cell Level
      1. General Description of Masked Logic Styles
      2. Semi-Custom Design and Masked Logic Styles
    4. Examples of Masked Logic Styles
      1. Masked Dual-Rail Precharge Logic
    5. Notes and Further Reading

  10. Attacks on Masking
    1. General Description
      1. Second-Order DPA Attacks
    2. DPA Attacks
      1. Multiplicative Masking
      2. Mask Reuse Attacks
      3. Biased Mask Attacks
    3. Second-Order DPA Attacks on Software Implementations
      1. Preprocessing
      2. DPA Attacks on the Preprocessed Traces
      3. Example for Masked AES
      4. Example for Masked and Shuffled AES
    4. Second-Order DPA Attacks on Software Implementations Using Templates
      1. Templates Before Preprocessing the Traces
      2. Templates for Preprocessing the Traces
      3. Templates After Preprocessing the Traces
    5. Template-Based DPA Attacks
      1. General Description
      2. Example for Masked AES
    6. Second-Order DPA Attacks on Hardware Implementations
      1. Preprocessing
      2. DPA Attacks on Preprocessed Traces
      3. Example for a Masked S-Box
      4. Example for MDPL
    7. Notes and Further Reading

  11. Conclusions
    1. Specific Conclusions
    2. General Conclusions

Appendices
  1. DPA Article by Kocher et al.
    1. Background
    2. Introduction to Power Analysis
    3. Preventing SPA
    4. Differential Power Analysis of DES Implementations
    5. Differential Power Analysis of Other Algorithms
    6. Preventing DPA
    7. Related Attacks
    8. Conclusions

  2. The Advanced Encryption Standard
    1. Algorithm
      1. Structure of the AES Encryption
      2. Round Transformation
      3. Key Schedule
    2. Software Implementation
      1. Microcontrollers
      2. AES Assembly Implementation
    3. Hardware Implementation
      1. Encryption Core
      2. S-Box

References
   
last update: 06.07.2009 Sponsored by Graz University of Technology