Scan attacks on side-channel and fault attack resistant public-key implementations

Abstract

Cryptographic devices are the targets of side-channel attacks, which exploit physical characteristics (e.g. power consumption) to compromise the system’s security. Several side-channel attacks and countermeasures have been proposed in the literature in the past decade. However, countermeasures are usually designed to resist attacks for a single side-channel. Few papers study the effects of a particular countermeasure on a specific side-channel attack on another attack which was not the target of the countermeasure. In this paper, we present scan-based side-channel attacks on public-key cryptographic hardware implementations in the presence countermeasures for power analysis and fault attacks. These aspects were not considered in any of the previous work on scan attacks. We have also considered the effect of Design for Test structures such as test compression and X-masking in our work to illustrate the effectiveness of our proposed scan-attack on practical implementations. Experimental results showing the requirement of the number of messages/points and retrieval time are presented to evaluate the complexity of the attacks. Results show that algorithmic countermeasures for Simple Power Analysis and Fault attack are not immune against our differential scan-attacks, whereas the algorithmic countermeasures against Differential Power Analysis are secure against such scan-attacks.