Low Cost Attacks on Tamper Resistant Devices
نویسندگان
چکیده
There has been considerable recent interest in the level of tamper resistance that can be provided by low cost devices such as smartcards. It is known that such devices can be reverse engineered using chip testing equipment, but a state of the art semiconductor laboratory costs millions of dollars. In this paper, we describe a number of attacks that can be mounted by opponents with much shallower pockets. Three of them involve special (but low cost) equipment: di erential fault analysis, chip rewriting, and memory remanence. There are also attacks based on good old fashioned protocol failure which may not require any special equipment at all. We describe and give examples of each of these. Some of our attacks are signi cant improvements on the state of the art; others are useful cautionary tales. Together, they show that building tamper resistant devices, and using them e ectively, is much harder than it looks.
منابع مشابه
Cryptographic processors : applications and attacks survey
The combination of cryptographic tools and tamper-resistant mechanisms appeared first in military applications to secure communication links using tamper-resistant cipher machines. The spread of ATM networks brought the technology into the commercial mainstream. During the last years, the use of embedded cryptographic processors has spread from low-cost cryptoprocessors, such as smart cards use...
متن کاملTamper-Resistant Arithmetic for Public-Key Cryptography
Cryptographic hardware has found many uses in ubiquitous and pervasive security devices with a small form factor, e.g. SIM cards, smart cards, electronic security tokens, and soon even RFIDs. With applications in banking, telecommunication, healthcare, ecommerce and entertainment, these devices use cryptography to provide security services like authentication, identification and confidentiality...
متن کاملBlind Certification of Public Keys and Efficiently Revocable Cash: Secure Against Capable Attackers
Electronic cash should be revocable in order to nullify the effect of attacks mounted by a capable attacker (e.g., double spending by reverse-engineering tamper-resistant devices). For prudent engineering considerations, cash revocability forms a necessary complementary measure to using tamper-resistant devices, adding system security while lowering system cost by reducing the level of physical...
متن کاملBuying AES Design Resistance with Speed and Energy
Fault and power attacks are two common ways of extracting secrets from tamper-resistant chips. Although several protections have been proposed to thwart these attacks, resistant designs usually claim significant area or speed overheads. Furthermore, circuit-level countermeasures are usually not reconfigurable at runtime. This paper exploits the AES’ algorithmic features to propose low-cost and ...
متن کاملProbing Attacks on Tamper-Resistant Devices
This paper describes a new type of attack on tamper-resistant cryptographic hardware. We show that by locally observing the value of a few RAM or adress bus bits (possibly a single one) during the execution of a cryptographic algorithm, typically by the mean of a probe (needle), an attacker could easily recover information on the secret key being used; our attacks apply to public-key cryptosyst...
متن کامل