A Cautionary Note Regarding Evaluation of AES Candidateson

NIST has considered the performance of AES candidates on smart-cards as an important selection criterion and many submitters have highlighted the compactness and eeciency of their submission on low end smart cards. However, in light of recently discovered power based attacks, we strongly argue that evaluating smart-card suitability of AES candidates requires a very cautious approach. We demonstrate that straightforward implementations of AES candidates on smart cards, are highly vulnerable to power analysis and readily leak away all secret keys. To illustrate our point, we describe a power based attack on the Twoosh Reference 6805 code which we implemented on a ST16 smart card. The attack required power samples from only 100 independent block encryptions to fully recover the 128-bit secret key. We also describe how all other AES candidates are susceptible to similar attacks. We review the basis of power attacks and suggest countermeasures for a secure implementation. Unfortunately, it appears that these software countermeasures result in signiicant memory and eeciency overhead and therefore the most eecient smart card implementation cannot serve as a guide in evaluating AES candidates.