Countermeasures

Constant-time Implementation

Encryption time should be made independent of the value of the key. This is accomplished by implementing the instruction sequence carefully so that its timing does not depend on the data it processes. One way of achieving this is to use a look-up table that takes a fixed amount of time for every execution.
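
The following C code is an added example for this section, not code from the original text: it places a table look-up and a key comparison side by side in a variable-time and a constant-time form. The table values and key strings are constructed; the constant-time look-up reads every entry through a branch-free mask because on a processor with caches a single indexed load takes a different time depending on which line the secret index selects, and the compiler's output should still be inspected, since an optimizer may reintroduce branches.

```c
#include <stddef.h>
#include <stdint.h>
/* Constructed 16-entry substitution table: arbitrary values, not a real S-box. */
static const uint8_t SBOX[16] = { 0xa3, 0x1f, 0x77, 0x0c, 0xd2, 0x6b, 0x90, 0xc5,
                                  0x38, 0x01, 0xe7, 0x2b, 0x4e, 0xd7, 0xab, 0x16 };

/* Variable-time lookup: one indexed load whose latency depends on whether the
 * cache line holding SBOX[idx] is present, so the secret index leaks. */
uint8_t sbox_lookup_variable(uint8_t idx) { return SBOX[idx & 0x0f]; }

/* Constant-time lookup: read every entry and keep the selected one through a
 * branch-free mask, so neither the memory trace nor the instruction count
 * depends on the secret index. */
uint8_t sbox_lookup_constant(uint8_t idx) {
    uint8_t result = 0;
    for (uint32_t i = 0; i < 16; i++) {
        uint32_t d = i ^ (idx & 0x0fu);                  /* 0 only for the wanted entry */
        uint8_t mask = (uint8_t)(0u - ((d - 1u) >> 31)); /* 0xff iff d == 0 */
        result |= SBOX[i] & mask;
    }
    return result;
}

/* Variable-time key/MAC comparison: returns at the first mismatch, so the
 * elapsed time tells an attacker how long the matching prefix was. */
int equal_variable_time(const uint8_t *a, const uint8_t *b, size_t n) {
    for (size_t i = 0; i < n; i++)
        if (a[i] != b[i]) return 0;
    return 1;
}

/* Constant-time comparison: always touches all n bytes, ORs every difference
 * into one accumulator and derives the verdict only at the end. */
int equal_constant_time(const uint8_t *a, const uint8_t *b, size_t n) {
    uint8_t acc = 0;
    for (size_t i = 0; i < n; i++)
        acc |= a[i] ^ b[i];
    return (int)(((uint32_t)acc - 1u) >> 8) & 1;        /* 1 iff acc == 0 */
}

/* Cross-check: the constant-time versions must return exactly what the
 * variable-time ones do on constructed inputs; only the timing differs. */
int self_check(void) {
    const uint8_t k1[] = "0123456789abcdef", k2[] = "0123456789abcdeX";
    for (unsigned i = 0; i < 16; i++)
        if (sbox_lookup_constant((uint8_t)i) != sbox_lookup_variable((uint8_t)i)) return 0;
    return equal_constant_time(k1, k1, 16) == 1 && equal_variable_time(k1, k1, 16) == 1
        && equal_constant_time(k1, k2, 16) == 0 && equal_variable_time(k1, k2, 16) == 0;
}
```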

Power Attacks

Power attacks can be prevented in the following ways:

  • Physical shielding of the device, so that the size of the leaking signal is reduced.
  • Adding noise to the power measurements. This ensures that the attacker will require more samples for analysis.
  • Temporal obfuscation of the instructions, achieved by randomizing the execution of the instructions. This counters power attacks if implemented effectively; if the randomization is not spread properly, it might even aid the attacker in obtaining the relevant information. Temporal obfuscation can also be achieved with randomized clock signals.

Probing Attacks

The hardware architecture must be designed so that optical probing does not reveal the state of a bit. Each bit should be represented as a pair, ‘HL’ or ‘LH’, instead of a single ‘H’ or ‘L’.

Random Number and Unique Key Generators

Random number generation is a formidable task in cryptosystems. Strictly speaking, no finite machine can ever produce a truly random number; any generated number that appears random is called a pseudo-random number. One way of generating pseudo-random numbers is an algorithm built on linear feedback shift registers. Another is to use a conventional cryptographic algorithm: a user-generated number is fed to the cryptographic algorithm as input, and this number is called the seed of the pseudo-random number generator. The seed should be carefully selected so that a malicious user can neither guess it nor reproduce it by any other means. The keys for cryptosystems should be based on random numbers, and care must be taken that such numbers pass the random number tests. The unique key generator for the cryptosystem should carefully perform the task of generating the session keys. The longer a session key is in use, the more vulnerable the cryptosystem is to attack. The registers that hold the keys should be volatile, and a key should be deleted as soon as it is no longer needed.

In the context of smart attacks, the following security issues should be kept in mind when implementing a cryptographic system:

  • Design the system to detect the various types of attacks.
  • Turn off the power to the internal RAM when system tampering is detected.
  • Always store the keys in volatile memory.
  • Change the keys for every session.
  • Shield the device with metal to prevent the leakage of high-frequency pulses.
  • Implement constant-time algorithms.
  • Use double-sized blocks with complement data to defeat power attacks.

When dealing with cryptosystems, the added issues of security affect all the above metrics, and security becomes the top priority among the metrics used to evaluate the system. The difference between a poorly designed and a perfectly designed cryptographic system cannot be assessed until an attack is made on both of them. The only way to make systems more robust is to learn from previous attacks and to explore the weaknesses of present systems by performing new kinds of attacks. Thus, the ideal way of summarizing this concept is ‘the real security of a system cannot be assessed until it is broken’.