Electromagnetic Attacks and Countermeasures
Abstract
EM is a side-channel with a long history of rumors and leaks associated with its use for espionage. It is well known that defense organizations across the world are paranoid about limiting EM emanations from their equipment and facilities and conduct research on EM attacks and defenses in total secrecy. In the United States, such work is classified under the codename “TEMPEST”, which is believed to be an acronym for “transient electromagnetic pulse emanation standard”. In January 2001, in response to a Freedom of Information Act (FOIA) request, some documents related to TEMPEST, such as NACSIM 5000 Tempest Fundamentals, NACSEM 5112 NONSTOP Evaluation Techniques and NSTISSI No. 7000 TEMPEST Countermeasures for Facilities, were released in redacted form and can be downloaded from the website http://www.cryptome.org. In the public domain, the significance of the EM side-channel was first demonstrated by van Eck in 1985 [11]. He showed that EM emanations from computer monitors could be captured from a distance and used to reconstruct the information being displayed. Figures 15.1 and 15.2 show a modern-day recreation of this attack, where the contents of the computer monitor displaying a Word document in Figure 15.1 have been reconstructed in Figure 15.2 using only the EM emanations from that monitor. As a defense against this attack, Kuhn and Anderson in 1998 [8] developed special fonts with substantially reduced EM leakage characteristics, which makes them difficult to reconstruct. The first openly published works on EM analysis of ICs and CPUs performing cryptographic operations, by Quisquater and Samyde [9] and by Gandolfi, Mourtel and Olivier [5] in 2001, were quite limited. These attacks were performed on chip cards and required tiny antennas to be placed in very close proximity to the IC being attacked. In fact, the best attacks were semi-invasive, requiring the decapsulation
Similar resources
Practical Analysis of RSA Countermeasures Against Side-Channel Electromagnetic Attacks
This paper analyzes the robustness of RSA countermeasures against electromagnetic analysis and collision attacks. The proposed RSA cryptosystem uses residue number systems (RNS) for fast executions of the modular calculi with large numbers. The parallel architecture is protected at arithmetic and algorithmic levels by using the Montgomery Ladder and the Leak Resistant Arithmetic countermeasures...
Review of gate-level differential power analysis and fault analysis countermeasures
Hardware implementation of modern crypto devices paves the way for a special type of cryptanalysis, which is known as side channel analysis (SCA) attacks. These attacks are designed to extract critical information from the physical leakage of the digital circuitry such as the power consumption and electromagnetic emissions. Differential power analysis (DPA) attacks are considered the most effic...
Low Cost Countermeasure at Authentication Protocol Level against Electromagnetic Side Channel Attacks on RFID Tags
Radio Frequency Identification (RFID) technology is widely spread in many security applications. Producing secured low-cost and low-power RFID tags is a challenge. The use of lightweight encryption algorithms can be an economic solution for these RFID security applications. This article proposes a low-cost countermeasure to secure RFID tags against Electromagnetic Side Channel Attacks (EMA). Fir...
A survey on RPL attacks and their countermeasures
RPL (Routing Protocol for Low Power and Lossy Networks) has been designed for low power networks with high packet loss. Generally, devices with low processing power and limited memory are used in this type of network. IoT (Internet of Things) is a typical example of low power lossy networks. In this technology, objects are interconnected through a network consisting of low-power circuits. Exampl...
Note on side-channel attacks and their countermeasures
In the last few years ciphers making use of table-lookups in large tables—and most notably AES [12, 6]—have received a lot of bad publicity due to their vulnerability to cache attacks [15, 1, 13]. These attacks target the secret key by exploiting the variable time that an AES computation takes due to the storage of the large table in cache. From this one may conclude that algorithms that do not...
Differential Analysis of a Low Energy Table-based Countermeasure for Secure Embedded Systems
Future wireless embedded devices will be increasingly powerful, supporting many more applications including one of the most crucial, security. Although many embedded devices offer more resistance to bus probing attacks due to their compact size, susceptibility to power or electromagnetic analysis attacks must be analyzed. This paper presents a table masking countermeasure to resist diff...