Cryptology ePrint Archive: Report 2013/224

On the Need of Physical Security for Small Embedded Devices: a Case Study with COMP128-1 Implementations in SIM Cards

Yuanyuan Zhou and Yu Yu and François-Xavier Standaert and Jean-Jacques Quisquater

Abstract: Ensuring the physical security of small embedded devices is challenging. Such devices have to be produced under strong cost constraints, and generally operate with limited power and energy budget. However, they may also be deployed in applications where physical access is indeed possible for adversaries. In this paper, we consider the case of SIM cards to discuss these issues, and report on successful side-channel attacks against several (old but still deployed) implementations of the COMP128-1 algorithm. Such attacks are able to recover cryptographic keys with limited time and data, by measuring the power consumption of the devices manipulating them, hence allowing cards cloning and communications eavesdropping. This study allows us to put forward the long term issues raised by the deployment of cryptographic implementations. It provides a motivation for improving the physical security of small embedded devices early in their development. We also use it to argue that public standards for cryptographic algorithms and transparent physical security evaluation methodologies are important tools for this purpose.

Category / Keywords: implementation / side-channel attacks, differential power analysis, physical security, electronic payment security

Publication Info: this is the full version of a paper that appeared at Financial Cryptography and Data Security 2013 (FC 2013)

Date: received 15 Apr 2013

Contact author: yuyuathk at gmail com

Available format(s): PDF | BibTeX Citation

Version: 20130429:094334 (All versions of this report)

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]