Paper 2015/354

SEMA and MESD Leakage of TinyECC 2.0 on a LOTUS Sensor Node

Jacek Samotyja, Kerstin Lemke-Rust, and Markus Ullmann

Abstract

TinyECC 2.0 is an open source library for Elliptic Curve Cryptography (ECC) in wireless sensor networks. This paper analyzes the side channel susceptibility of TinyECC 2.0 on a LOTUS sensor node platform. In our work we measured the electromagnetic (EM) emanation during computation of the scalar multiplication using 56 different configurations of TinyECC 2.0. All of them were found to be vulnerable, but to a different degree. The different degrees of leakage include adversary success using (i) Simple EM Analysis (SEMA) with a single measurement, (ii) SEMA using averaging, and (iii) Multiple-Exponent Single-Data (MESD) with a single measurement of the secret scalar. It is extremely critical that in 30 TinyECC 2.0 configurations a single EM measurement of an ECC private key operation is sufficient to simply read out the secret scalar. MESD requires additional adversary capabilities and it affects all TinyECC 2.0 configurations, again with only a single measurement of the ECC private key operation. These findings give evidence that in security applications a configuration of TinyECC 2.0 should be chosen that withstands SEMA with a single measurement and, beyond that, an addition of appropriate randomizing countermeasures is necessary.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Preprint. MINOR revision.
Keywords
TinyECC 2.0Side Channel AnalysisSEMAMESDLOTUS Sensor NodeWireless Sensor Network.
Contact author(s)
kerstin lemke-rust @ h-brs de
History
2015-04-23: received
Short URL
https://ia.cr/2015/354
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/354,
      author = {Jacek Samotyja and Kerstin Lemke-Rust and Markus Ullmann},
      title = {{SEMA} and {MESD} Leakage of {TinyECC} 2.0 on a {LOTUS} Sensor Node},
      howpublished = {Cryptology {ePrint} Archive, Paper 2015/354},
      year = {2015},
      url = {https://eprint.iacr.org/2015/354}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.