Template attacks exploiting static power and application to CMOS lightweight crypto‐hardware

Abstract

SummaryA new class of template attacks aiming at recovering the secret key of a cryptographic core from measurements of its static power consumption is presented in this paper. These attacks exploit the dependence of the static current of Complementary metal–oxide–semiconductor Integrated Circuits on the input vector and the maximum likelihood decision rule as a statistical distinguisher. In the proposed Template Attacks Exploiting Static Power (TAESP), we take advantage of the temperature dependence of static currents in order to build a new multivariate approach able to extract relevant information from cryptographic devices. As a validation case study, we consider the PRESENT‐80 block cypher algorithm and its implementation on a 40 nm Complementary metal–oxide–semiconductor process. Monte Carlo and corner simulations at transistor level are used to show the effectiveness of the TAESP in the presence of die‐to‐die and intra‐die process variations. A real attack scenario is then built by adding Gaussian noise to current samples extracted from transistor‐level simulations. The univariate TAESP in which just one temperature is considered to build the templates is compared against the multivariate TAESP in which measurements at different controlled temperatures are exploited. This comparison shows that using just a few different temperatures to build multivariate templates allows to strongly increase the effectiveness of the attack. Copyright © 2016 John Wiley & Sons, Ltd.