Download
optical side channel attack on pic16f84a n.
Skip this Video
Loading SlideShow in 5 Seconds..
Optical side-channel attack on PIC16F84A PowerPoint Presentation
Download Presentation
Optical side-channel attack on PIC16F84A

Optical side-channel attack on PIC16F84A

299 Vues Download Presentation
Télécharger la présentation

Optical side-channel attack on PIC16F84A

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Optical side-channel attack on PIC16F84A Martin Hlaváč Charles University in Prague CNES internship summary (part of USE IT project) ECRYPT Ph. D. Summer School, Samos, Greece, May 4, 2007

  2. Gold Card = PIC16F84 + 24LC16B • PIC16F84 1024 x 14 bit program 68B Static RAM 5V @ 4MHz (ISO7816) • 24LC16B 2048Byte EEPROM 18 10 8 5 PIC16F84 24LC16B 1 4 1 9 C5 C1 C6 C2 C7 C3 C8 C4

  3. Gold Card uncovered (Front Side) SRAM Problem: Too much metal on SRAM. Solution: Back Side 

  4. PIC16F84A back side SRAM back side (20x) PIC16F84A uncovered (Back Side) Problem: Silicon layer too thick (~300 µm). Solution: Slim it down to ~70 µm.

  5. 16 bytes AES state 16 bytes Measurement goal We can do bit flips!!! Monitor changes of bytes in State block during AES How? Dynamic light emission detection (PICA) Theory: byte flips => light is emitted byte stays => just noise bit bit

  6. Static vs. dynamic observation vs. All photons observed at one image Frames 166 ns = 1 clock cycle

  7. movlw 0xff (frames 0..3) xorwf block+0x0,f (frames 4..7) movlw 0xaa (frames 8..11) xorwf block+0x0,f (frames 12..15) movlw 0x55 (frames 16..19) xorwf block+0x0,f (frames 20..23) movlw 0x00 (frames 20..23) xorwf block+0x0,f (frames 24..27) Individual frames 3rd clock

  8. “xor 0xFF” “xor 0xAA” “xor 0x55” “xor 0x00” 3rd clocks reveal the key

  9. No cryptanalysis needed • AES key is fully revealed during AddRoundKey operation • Even if only byte flips can be detected, the key can be recovered with 28 measurements

  10. Conclusions Dynamic light emission • is a very strong side channel (once synchronized) • applicable on other ciphers/schemes and devices

  11. The end Thank you for your attention! hlavm1am@artax.karlin.mff.cuni.cz USE IT: http://useit.cuni.cz/