Paper 2005/468

Blind Attacks on Engineering Samples

Vanessa Gratzer and David Naccache

Abstract

In addition to its usual complexity assumptions, cryptography silently assumes that information can be physically protected in a single location. As we now know, real-life devices are not ideal and confidential information leaks through different physical channels.\smallskip Whilst most aspects of side channel leakage (cryptophthora) are now well understood, no attacks on totally unknown algorithms are known to date. This paper describes such an attack.\smallskip By {\sl totally unknown} we mean that no information on the algorithm's mathematical description (including the plaintext size), the microprocessor or the chip's power consumption model is available to the attacker.\smallskip We successfully experimented the attack on a commercially available device produced by a non-European smart-card manufacturer.