Side-channel Cryptanalysis

Attacks based on implementation flaws rather than algorithms are called as side-channel attacks. These attacks rely upon the leaking of side-channel information such as execution time and power consumption.

Timing Attacks

Timing attacks exploit the execution times of the application. The execution time of the algorithm is measured in order to obtain information about the key. Such an attack is very powerful and will often compromise the security of the whole system.

Power Attacks

Power analysis attacks explore the power intake of the system and can obtain vital information of the inner working. The power consumption of the device is measured to obtain information about the key.

  • Simple Power Analysis: This deals with analyzing the recorded power data and the data sets.
  • Differential Power Analysis: This deals with the statistical analysis of the power data by comparing different plain texts and ciphers.

Since power analysis attacks are non-invasive, they are virtually non-detectable. This poses a considerable threat to the security of the system since the damage caused cannot be assessed.

Probing Attacks

A probing attack is a direct physical attack where probes are inserted onto the hardware to examine the memory content and the data transfers on the buses. This can be avoided by physical shielding of the device.

Optical probing is the newest technique for probing attacks. Apart from physical shielding, other methods of attack detection must be incorporated in case the attacker breaks the physical shield.

Fault Induction Attacks

Faults or errors are introduced into the device by crude means like exposure to radiation. Errors are introduced into the system and the outcomes are analyzed. With a statistical induction of errors, relevant information may be extracted.

--NEXT--> Counter Measures