Sunday, December 20, 2015

What is Side Channel Attack ?

If not redirected, please click here

If a burglar wants to break into your house, not necessarily he has to break the lock and come inside. He may break in through the window or break the hinges of the door and break in. Attackers use similar concept to break a cryptosystem through Side Channel Attack.

Side Channel Attack

In practice, cryptosystem is implemented on physical devices. Algorithmically it is very difficult to break the cryptographic algorithm itself.

But, normally during cryptographic computation, the physical devices reveal some information in terms of power consumption, heat dissipation, time of computation, electromagnetic leaks etc. These information are called Side Channel Information.

In Side Channel Attack, attacker uses these Side Channel Information to determine the secret keys and break the cryptosystem.

Types of Side Channel Attack

There are different types of Side Channel Attack, each based on different Side Channel Information.

Some most common ones are mentioned below :

Time of Cryptographic Computation :

Various cryptographic computations normally take different time to execute. If an attacker has the information of time taken for computation of various inputs, and he does statistical analysis on the data, it becomes much easier for him to get the secret key.

The basic principle that the attacker uses here is, computation time of various cryptographic operation depends to some extent on the secret key. And, based on that information this type of Side Channel Attacks are perpetrated.

Power Consumption :

Similarly, power consumption of a cryptographic device also may reveal much information for the attackers.

For example, if for a smart card or embedded system power is drawn from an untrusted source and an attacker has the information on how much power is drawn by the cryptosystem at various inputs, the attacker can do statistical analysis on that information and it will become much easier for him to break the cryptosystem.

Electromagnetic Radiation :

Electrical devices often generate electromagnetic radiation as part of their operation. An attacker can observe this electromagnetic radiation of the cryptographic device and understand their relationship with the cryptographic computation. This can reveal a surprising amount of information with which it will become quite easier for the attacker to get the secret key. In this type of Side Channel Attack, attackers exploit this Side Channel Information.

Injection of Faults :

In this type of Side Channel Attack, the attacker injects faults in the cryptographic devices and observes its behavior.

The attacker may inject computational faults in the cryptosystem or he may send intentionally corrupted data to the device and then observe the output. If the attacker observes this non-standard information, it also reveals much information for the attacker.

Acoustic Sound :

Attackers sometimes even analyze the acoustic sounds produced at the time of cryptographic computation of the physical device and use that information to break the cryptosystem.

Reading Data from Memory :

Other than these, the attackers may read sensitive data from the memory after they are supposedly been deleted, or they may exploit the off-limit memory to access adjacent memory and use that information to break the cryptosystem.

Attackers may even use a combination of Side Channel Information to make the attack easier.


We can take some steps which may prove to be much helpful. Some of them are mentioned below :

  • As Side Channel Attacks are made based on leaked Side Channel Information, an effective countermeasure of Side Channel Attacks is to reduce the correlation between Side Channel Information and the secret key. One such countermeasure is to add random delay in cryptographic computations. One way this can be done is by Blinding. In this method, before decrypting the cyphertext, a random number is encrypted and added to the cyphertext. The decryption algorithm is then applied on the combined component and the random number is eliminated after the decryption. As a result of these operations, a random delay is added on the computation time and it becomes difficult for the attackers to extract the secret key observing the time of execution of various cryptographic computations.
  • Another countermeasure is to add some delay and design the cryptosystem in such a way that every cryptographic computation takes same amount of time. It reduces much the correlation between the secret key and computation time, making it very difficult for the attackers to attack.
  • Sometimes, special shielding is applied to lessen the electromagnetic emissions. This helps much in reducing leaked electromagnetoc emissions.
  • Power line conditioning and filtering can help in reducing power-monitoring attacks.
  • Another countermeasure is to make the software “PC-Secure”. In a PC-Secure program, the execution path does not depend on the secret values. All conditional branches instead depend on the public information only. As a result, it reduces the correlation between leaked Secure Channel Information and the secret key.
  • Sometimes, cryptographic code is designed to use memory only in a predictable fashion, such as accessing only the input, output and program data and in a fixed pattern only. This helps much in reducing Side Channels Attacks based on timing information or cache access pattern.

So, this was just an introductory article on Side Channel Attack. Hope you enjoyed it.

No comments:

Post a Comment