Paper 2016/700

Side-Channel Protections for Cryptographic Instruction Set Extensions

Sami Saab, Pankaj Rohatgi, and Craig Hampel

Abstract

Over the past few years, the microprocessor industry has introduced accelerated cryptographic capabilities through instruction set extensions. Although powerful and resistant to side-channel analysis such as cache and timing attacks, these instructions do not implicitly protect against power-based side-channel attacks, such as DPA. This paper provides a specific example with Intel's AES-NI cryptographic instruction set extensions, detailing a DPA, along with results, showing two ways to extract AES keys by simply placing a magnetic field probe beside two capacitors on a motherboard hosting an Intel Core i7 Ivy Bridge microprocessor. Based on the insights of the DPA, methods are then presented on how to mitigate the leaks, in software, providing a dial for diverting the optimal amount of resources required for a prescribed security requirement.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Preprint. MINOR revision.
Keywords
Side-Channel AnalysisDPAMicroprocessorsCryptographic Instruction Set ExtensionsIntelAES-NI
Contact author(s)
sami saab @ cryptography com
History
2016-07-13: received
Short URL
https://ia.cr/2016/700
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2016/700,
      author = {Sami Saab and Pankaj Rohatgi and Craig Hampel},
      title = {Side-Channel Protections for Cryptographic Instruction Set Extensions},
      howpublished = {Cryptology ePrint Archive, Paper 2016/700},
      year = {2016},
      note = {\url{https://eprint.iacr.org/2016/700}},
      url = {https://eprint.iacr.org/2016/700}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.