Information about Side Channel Attack
Attempts to break a cryptosystem by deceiving or coercing people with legitimate access are not typically called side-channel attacks: see social engineering and rubber-hose cryptanalysis. For attacks on computer systems themselves (which are often used to perform cryptography and thus contain cryptographic keys or plaintexts), see computer security.
General
General classes of side channel attack include:
- Timing attack — attacks based on measuring how much time various computations take to perform.
- Architectural side-effect attacks — attacks which take advantage of side-effects of performing a computation on a particular machine architecture (e.g., evicting cache lines).
- Power monitoring attack — attacks which make use of varying power consumption by the hardware during computation.
- TEMPEST (aka van Eck or radiation monitoring) attack — attacks based on leaked electromagnetic radiation which can directly provide plaintexts and other information.
- Acoustic cryptanalysis — attacks which exploit sound produced during a computation (rather like power analysis).
Examples
A timing attack watches data movement into and out of the CPU, or memory, on the hardware running the cryptosystem or algorithm. Simply by observing how long it takes to transfer key information, it is sometimes possible to determine how long the key is in this instance (or to rule out certain lengths which can also be cryptanalytically useful). Internal operational stages in many cipher implementations provide information (typically partial) about the plaintext, key values and so on, and some of this information can be inferred from observed timings. Alternatively, a timing attack may simply watch for the length of time a cryptographic algorithm requires -- this alone is sometimes enough information to be cryptanalytically useful.
A power monitoring attack can provide similar information by observing the power lines to the hardware, especially the CPU. As with a timing attack, considerable information is inferable for some algorithm implementations under some circumstances.
As a fundamental and inevitable fact of electrical life, fluctuations in current generate radio waves, making whatever is producing the currents subject -- at least in principle -- to a van Eck (aka, TEMPEST) attack. If the currents concerned are patterned in distinguishable ways, which is typically the case, the radiation can be recorded and used to infer information about the operation of the associated hardware. According to former MI5 officer Peter Wright, the British Security Service analysed emissions from French cipher equipment in the 1960s[1]. In the 1980s, Soviet eavesdroppers were known to plant bugs inside IBM Selectric typewriters to monitor the electrical noise generated as the type ball rotated and pitched to strike the paper; the characteristics of those signals could determine which key was pressed.
If the relevant currents are those associated with a display device (i.e., highly patterned and intended to produce human-readable images), the task is greatly eased. CRT displays use substantial currents to steer their electron beams and they have been 'snooped' in real time with minimum cost hardware from considerable distances (hundreds of meters have been demonstrated). LCDs require, and use, smaller currents and are less vulnerable -- which is not to say they are invulnerable.
Also as an inescapable fact of electrical life in actual circuits, flowing currents heat the materials through which they flow. Those materials also continually lose heat to the environment due to other equally fundamental facts of thermodynamic existence, so there is a continually changing thermally induced mechanical stress as a result of these heating and cooling effects. That stress appears to be the most significant contributor to low level acoustic (i.e. noise) emissions from operating CPUs (about 10 kHz in some cases). Recent research by Shamir et al. has demonstrated that information about the operation of cryptosystems and algorithms can be obtained in this way as well. This is an acoustic attack; if the surface of the CPU chip, or in some cases the CPU package, can be observed, infrared images can also provide information about the code being executed on the CPU, known as a thermal imaging attack.
Countermeasures
Because side channel attacks rely on emitted information (like electromagnetic radiation or sound) or on relationship information (as in timing and power attacks), the most reasonable method of countering such attacks is to limit the release of such information or access to those relationships. Displays are now commercially available which have been specially shielded to lessen electromagnetic emissions, reducing susceptibility to TEMPEST attacks. Power line conditioning and filtering can help with power monitoring attacks, as can some continuous-duty UPSs. Physical security of hardware can reduce the risk of surreptitious installation of microphones (to counter acoustic attacks) and other micro-monitoring devices (against CPU power draw or thermal imaging attacks).
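The timing relationship described under Examples, and the countermeasure of removing it, can be shown in software. The following is an added illustration, not part of the original article: a count of byte comparisons stands in for elapsed time, and the function names and sample secret are constructed for the example. A pure-Python loop is not itself constant-time, so `production_equal` shows the standard-library primitive a real implementation would use.

```python
import hashlib
import hmac

SECRET = b"0123456789abcdef"  # constructed 16-byte sample secret
GUESSES = [
    b"0123",              # wrong length
    b"X123456789abcdef",  # right length, first byte wrong
    b"01234567XXXXXXXX",  # right length, 8-byte prefix correct
    b"0123456789abcdef",  # exact match
]

def leaky_equal(secret, guess):
    """Early-exit compare. Returns (equal, byte comparisons performed)."""
    steps = 0
    if len(secret) != len(guess):
        return False, steps          # no work at all: reveals a length mismatch
    for s, g in zip(secret, guess):
        steps += 1
        if s != g:
            return False, steps      # work grows with the matching prefix
    return True, steps

def fixed_work_equal(secret, guess):
    """Compare SHA-256 digests, touching all 32 bytes whatever the input."""
    a = hashlib.sha256(secret).digest()
    b = hashlib.sha256(guess).digest()
    steps, diff = 0, 0
    for x, y in zip(a, b):
        steps += 1
        diff |= x ^ y                # accumulate differences, never branch on them
    return diff == 0, steps

def production_equal(secret, guess):
    """Same idea using the standard library's constant-time primitive."""
    return hmac.compare_digest(hashlib.sha256(secret).digest(),
                               hashlib.sha256(guess).digest())

def work_profile(compare):
    """Step counts for each constructed guess, in order."""
    return [compare(SECRET, g)[1] for g in GUESSES]

if __name__ == "__main__":
    print("leaky:     ", work_profile(leaky_equal))
    print("fixed work:", work_profile(fixed_work_equal))
```

The leaky profile differs for every guess, so the amount of work depends on the secret's length and contents; the fixed-work profile is identical for all four inputs.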
Additional reading
- An executive summary of side channel attacks, and references (http://www.hbarel.com/Misc/side_channel_attacks.html)
- Introduction to differential Power Analysis and Related attacks, 1998, P Kocher, J Jaffe, D Jun (http://www.cryptography.com/dpa/technical/)
- A cautionary Note Regarding Evaluation of AES Candidates on Smart Cards, 1999, S Chari, C Jutla, J R Rao, P Rohatgi (http://csrc.nist.gov/encryption/aes/round1/conf2/papers/chari.pdf)
- DES and Differential Power Analysis, L Goubin and J Patarin, in Proceedings of CHES'99, Lecture Notes in Computer Science Nr 1717, Springer-Verlag
- The Side Channel Cryptanalysis Lounge (http://www.crypto.ruhr-uni-bochum.de/en_sclounge.html)
External links
- Introduction to Side Channel Attacks, an industrial 'White Paper' report (PDF file)