Cryptology ePrint Archive: Report 2016/700

Side-Channel Protections for Cryptographic Instruction Set Extensions

Sami Saab, Pankaj Rohatgi, and Craig Hampel

Abstract: Over the past few years, the microprocessor industry has introduced accelerated cryptographic capabilities through instruction set extensions. Although powerful and resistant to side-channel analysis such as cache and timing attacks, these instructions do not implicitly protect against power-based side-channel attacks, such as DPA. This paper provides a specific example with Intel's AES-NI cryptographic instruction set extensions, detailing a DPA, along with results, showing two ways to extract AES keys by simply placing a magnetic field probe beside two capacitors on a motherboard hosting an Intel Core i7 Ivy Bridge microprocessor. Based on the insights of the DPA, methods are then presented on how to mitigate the leaks, in software, providing a dial for diverting the optimal amount of resources required for a prescribed security requirement.

Category / Keywords: applications / Side-Channel Analysis, DPA, Microprocessors, Cryptographic Instruction Set Extensions, Intel, AES-NI

Date: received 12 Jul 2016

Contact author: sami saab at cryptography com

Available format(s): PDF | BibTeX Citation

Version: 20160713:135749 (All versions of this report)

Short URL: ia.cr/2016/700

Discussion forum: Show discussion | Start new discussion