### Single--Trace Template Attack on the DES Round Keys of a Recent Smart Card

Mathias Wagner and Stefan Heyse

##### Abstract

A new template attack on the DES key scheduling is demonstrated that allows recovery of a sufficiently large portion of the DES key of a recent and widely deployed smart card chip with a {\it single} EM (electromagnetic) trace during the Exploitation Phase. Depending on the use case, the remainder of the key may then be found with reasonable brute--force effort on a PC. Remaining rest entropies as low as $\approx 19$ bits have been found for some single--trace attacks, meaning that effectively 37 bits were recovered in a single trace. The nature of single--trace attacks has it that conventional software countermeasures are rendered useless by this attack, and thus the only remaining remedy is a hardware redesign.

Note: minor typos got corrected and a reference added.

Available format(s)
Category
Implementation
Publication info
Preprint.
Keywords
DESTDESTemplate AttackSide-channel AttackSmart CardSCAblock cipher
Contact author(s)
mathias wagner @ nxp com
History
Short URL
https://ia.cr/2017/057

CC BY

BibTeX

@misc{cryptoeprint:2017/057,
author = {Mathias Wagner and Stefan Heyse},
title = {Single--Trace Template Attack on the DES Round Keys of a Recent Smart Card},
howpublished = {Cryptology ePrint Archive, Paper 2017/057},
year = {2017},
note = {\url{https://eprint.iacr.org/2017/057}},
url = {https://eprint.iacr.org/2017/057}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.