26C3 - 26C3 1.15

26th Chaos Communication Congress
Here be dragons

Speakers
hunz
Schedule
Day: Day 4 - 2009-12-30
Room: Saal2
Start time: 12:45
Duration: 01:00
Info
ID: 3631
Event type: Lecture
Track: Hacking
Language of the event: English

Finding the key in the haystack

A practical guide to Differential Power Analysis

The power consumption of a microcontroller depends on the actual data being processed. This makes current-based side-channel attacks possible: by recording and analyzing the current consumption of a microcontroller, one can recover secret keys. This can be done using Differential Power Analysis (DPA).

While smartcards and other tamper-resistant devices usually implement countermeasures to complicate this kind of attack, most consumer hardware isn't DPA-safe. DPA will be explained by example in this talk: a non-hardened, but conventional AES implementation running on a popular AVR microcontroller will be attacked. Real-world power data will be used for analysis.

After explaining the basic idea and the way DPA works, the workflow will be described in detail along with hardware/software requirements and the measurement setup. The measurement process will be explained as well. Prior to analyzing the recorded data, necessary theoretical foundations will be shown without going too much into mathematical details.

Common challenges one might encounter while mounting a DPA attack will be presented, as well as suitable approaches to cope with them. It's the intention of this talk to show that all one needs to conduct a DPA is a half-decent digital storage oscilloscope (DSO) and a bit of electronics & software knowledge.
