What are side channel attacks?
For years a cryptographic system was treated as a black box that receives plaintext and a key and that spits out ciphertext; or that receives ciphertext and a key and spits out plaintext. When this was the approach, the focus on assuring that the system is secure consisted mainly of:
- Making sure the cipher is not breakable, that is, using a cipher that is perceived to be secure, along with long enough keys.
- Making sure the physical appliance that implements the system is not physically vulnerable, that is, that the appliance cannot be physically broken in an attempt to extract keys.
Reality is now known to be more complex. The cryptographic system is no longer considered as a black-box with two inputs and one output, but as a complex system that has other inputs and other outputs as well. As these additional input and output channels are considered, more attack venues become possible. These additional input and output channels are called side channels, as they are not the functional plaintext, key, and ciphertext channels, but are rather environmental channels. Examples for such side channels are:
- Timing. Other than the functional output of plaintext or ciphertext, a cryptosystem gives the indirect output of the amount of time that the encryption (or decryption) operation took. Anyone can measure this time and use this information.
- Power Consumption. Another output is the amount of power consumed by the device while performing the encryption (or decryption). Power consumption is possible to measure with great accuracy.
- Clock Signal. Other than the functional input, some cryptosystems also receive a clock signal. This clock signal can be messed up with to cause the device to misbehave and produce erroneous outputs. Such erroneous outputs, if returned to the opponent, can often help him in discovering the key.
- Other Environmental Inputs. The device is subject to input in the form of environmental conditions. Such environmental conditions, such as temperature, radiation, and UV light, may be manipulated to cause the device to carry out erroneous computation and produce erroneous results.
Attacks that are carried out by introducing errors to the computation are collectively called Fault Attacks.
Some References on Side Channel Attacks
There are numerous papers and books on this topic. Several good papers are listed here, divided into two groups by the technicality level of their audience.
Low to Medium Technical Level (Introductory Material)
- Wikipedia page on side channel attacks
- Wikipedia page on timing attacks
- Introduction to Side-Channel Attacks
- Introduction to Differential Power Analysis and Related Attacks
- Known Attacks Against Smartcards
- The Sorcerer's Apprentice Guide to Fault Attacks
- Design and Validation Strategies for Obtaining Assurance in Countermeasures to Power Analysis and Related Attacks
- Differential Power Analysis
- Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems
Need more information?
If you need more information on this topic, or have any particular question, please use the query form to submit your question. If we have the answer — so will you.