Paper 2012/296

In the blink of an eye: There goes your AES key

Sergei Skorobogatov and Christopher Woods

Abstract

This paper is a short summary of a real-world AES key extraction performed on a military-grade FPGA marketed as 'virtually unbreakable' and 'highly secure'. We demonstrated that it is possible to extract the AES key from the Actel/Microsemi ProASIC3 chip in a time of 0.01 seconds using a new side-channel analysis technique called Pipeline Emission Analysis (PEA). This new technique does not introduce a new form of side-channel attack (SCA); it introduces a substantially improved method of waveform analysis over conventional attack technology. It could be used to improve the speed at which all SCA can be performed, on any device and especially against devices previously thought to be infeasible to break because of the time and equipment cost. Possessing the AES key for the ProASIC3 would allow an attacker to decrypt the bitstream or authenticate himself as a legitimate user and extract the bitstream from the device where no read-back facility exists. This means the device is wide open to intellectual property theft, fraud and reverse engineering of the design to allow the introduction of a backdoor or Trojan. We show that with a very low-cost hardware setup made with parts obtained from a local electronics distributor you can improve upon existing SCA by up to a factor of 1,000,000 in time and at a fraction of the cost of existing SCA equipment.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. not published anywhere yet
Keywords
AES Key extraction, Side-channel analysis, FPGA bitstream encryption, Power analysis, PEA technique
Contact author(s)
sps32 @ cam ac uk
History
2012-06-03: received
Short URL
https://ia.cr/2012/296
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2012/296,
      author = {Sergei Skorobogatov and Christopher Woods},
      title = {In the blink of an eye: There goes your {AES} key},
      howpublished = {Cryptology {ePrint} Archive, Paper 2012/296},
      year = {2012},
      url = {https://eprint.iacr.org/2012/296}
}