3.4 EM analysis of an RSA application on an Android phone
Unlike the public key algorithms in the previous two examples, the secret keys are not readily visible in the power traces. However, by applying t-tests to the traces, it is seen that the device leaks, and is likely vulnerable to side-channel attacks. (The t-tests will be discussed in detail in the next section. For now, it is sufficient to understand that the t-tests are standardized tests that indicate whether a device behaves differently based the data being processed.
In the t-test control group, the AES power traces have been randomly divided into two sets. The traces in each set are averaged, and the difference is computed. The results in Figure 15
below show that there are no statistically significant differences in the two data sets.
Figure 15: Control group for t-tests
In the t-test test group, one set of power traces consists of all the traces which operated on a (randomly selected) fixed 128-bit block of data. The other group consists of randomly selected traces. The results in Figure 16
below show that there are statistically significant differences in the two sets of data.
Figure 16: Test group shows device has leaks
This indicates that the device behaves differently based on the data being processed, and is likely vulnerable to side-channel analysis.
To access Part One, click here.
See related links:
Using MISRA C and C++ for security and reliability. Part I
Using MISRA C and C++ for security and reliability. Part II
Using MISRA C and C++ for security and reliability. Part III
How secure is AES against brute force attacks?
Public key cryptography and security certificates
If you found this article to be of interest, visit Military/Aerospace Designline
where you will find the latest and greatest design, technology,
product, and news articles with regard to all aspects of military,
defense and aerospace. And, to register to our weekly newsletter, click here.