Paper 2013/294
Synchronous Sampling and Clock Recovery of Internal Oscillators for Side Channel Analysis
Colin O'Flynn and Zhizhang (David) Chen
Abstract
Measuring power consumption for side-channel analysis typically uses an oscilloscope, which measures the data relative to an internal timebase. By synchronizing the sampling clock to the clock of the target device, the data storage and sampling requirements are considerably relaxed; the attack will succeed with a much lower sample rate. Previous work has demonstrated this on a system with a fixed and easily available clock; but real devices will often have an inaccessible internal oscillator, and may purposely vary the frequency this oscillator runs at (the Varying Clock countermeasure). This work measures the performance of a synchronous sampling system attacking a modern microcontroller running a software AES implementation. This attack is characterized under three conditions: with a stable clock, with a clock that randomly varies between 4.5 MHz–12.7 MHz, and with an internal oscillator that randomly varies between 7.41 MHz–7.49 MHz. Traces captured with the synchronous sampling technique can be processed with a standard Differential Power Analysis (DPA) style attack in all three cases, whereas when an oscilloscope is used only the stable oscillator setup is successful. This work also develops the required hardware to recover the internal clock of a device which does not have an externally available clock.
Note: Added back acknowledgements section which had been removed in initial submission
Metadata
- Category: Implementation
- Publication info: Published elsewhere. Unknown status
- Keywords: side-channel analysis, acquisition, synchronization, DPA
- Contact author(s): coflynn @ newae com
- History:
  - 2014-10-20: last of 6 revisions
  - 2013-05-23: received
- Short URL: https://ia.cr/2013/294
- License: CC BY