On the Complexity of Attacking Elliptic Curve Based Authentication Chips

Date
2021
Volume
80
Publisher
Amsterdam [u.a.] : Elsevier
Abstract

In this paper we discuss the difficulties of mounting successful attacks against crypto implementations if essential information is missing. We start with a detailed description of our attack against our own design, to highlight which information is needed to increase the success of an attack, i.e. we use it as a blueprint for the following attack against commercially available crypto chips. We would like to stress that our attack against our own design is very similar to what happens during certification, e.g. according to the Common Criteria Standard, as in those cases the manufacturer needs to provide detailed information. When attacking commercial designs without signing NDAs, we were forced to intensively search the Internet for information about the designs. We were able to reveal information on the processing sequence during the authentication process, even as detailed as identifying the clock cycles in which the individual key bits are processed. But we could not reveal the private keys used by the attacked commercial authentication chips 100% correctly. Moreover, as we did not know the used keys, we could not evaluate the success of our attack. To summarize, the effort of such an attack is significantly higher than the one of attacking a well-known implementation.

Keywords
ECC, ECDH, electromagnetic analysis, FPGA implementation, horizontal attacks, Infineon Trust B, NXP A1006, product piracy, Secure Authentication, Side Channel Analysis (SCA) Attacks
Citation
Kabin, I., Dyka, Z., Klann, D., Schaeffner, J., & Langendoerfer, P. (2021). On the Complexity of Attacking Elliptic Curve Based Authentication Chips. 80. https://doi.org//10.1016/j.micpro.2020.103480
License
CC BY 4.0 Unported