Implementation Attacks

Document created by Diana Torres Employee on May 2, 2016Last modified by Diana Torres Employee on Apr 18, 2017
Version 12Show Document
  • View in full screen mode
  • Timing Attack demo

The Timing Attack demo shows the importance of securely implementing a PIN
verification. If a PIN verification is implemented with operations which are
not time-invariant - for example an if-else construction - it is possible to identify

when an incorrect PIN digit is being compared by observing the timing information

of the corresponding EM side-channel measurement. By iterating through all possible

values of a PIN digit the correct character will be identified in a maximum of 10 attempts.


To make the PIN query secure, a time-invariant comparison has to be implemented.

For example, a bitwise XOR comparison and subsequent OR operation for all PIN digits,

ensures the same time is taken for all possible comparisons. This scheme is illustrated in

        the block diagram.



  • Simple Power Analysis demo

The RSA-Algorithm implemented in the Simple Power Analysis demo application is reduced

to a simple 8-Bit implementation for illustrative purposes. The physical smart card interface

used is contact-based.


By monitoring the voltage drop across a shunt resistor it is possible to measure the power

consumption of an RSA operation on a digital oscilloscope. Observation of the resulting
measurements reveal that it is possible to visually distinguish  single square operations

from square and multiply operations. By iteratively logging this sequence of operations,

the bits of the exponent, that is the secret key, can be directly identified.


By using countermeasures like the square and always multiply algorithm, the decoding

of the exponent bits can be prevented and the key protected. The square and always

multiply algorithm is illustrated in the block diagram.




  • Fault Attack demo

The Fault Attack demo shows what can happen at software execution, if a flashlight is

fired on a decapsulated chip which has no security measures.


With simple tools – a mechanical grinding tool and some chemical etchant - it is
possible to expose the surface of the chip and crudely inject photons into the
sensitive silicon substrate.


In this case the flashlight causes a skip in the execution of the PIN verification
code if the flash is discharged close to the surface at the correct moment.


In normal function expiration the UserPin is either correct or incorrect and access
to the data is granted or denied accordingly. With a successful flashlight
attack it doesn’t matter which value for UserPin is entered - after several tries
the attacker skips the query and has access to the secret data.







  • RFID Relay Attack demo

The RFID Relay Attack demo demonstrates a new paradigm in

relay attacks in the context of software emulated smartcards on mobile devices.
Previous conditions about proximity of the attacker to the victim and the time
when the victim is approached, are negated. With a software emulated smartcard
on a mobile device an attacker can intercept and relay the transaction of a
potential victim remotely.
This new attack paradigm greatly enhances the value

of this attack for criminals, and consequently will result in greater malware development efforts.



  • Additional Information on the individual attacks: