| Power analysis attacks against smartcard implementations of cryptographic algorithms are reviewed and analyzed. The types of attacks that are possible, the severity of these attacks and solutions to prevent these attacks are investigated. Results from monitoring smartcard power signals are reported, and new techniques to model, and consequently, strengthen existing power analysis attacks are provided. Three new attacks, specifically aimed against the modular exponentiation algorithm of public-key cryptosystems are described. Some vulnerabilities in elliptic-curve cryptosystems are also given. New, more advanced power analysis attacks that use synchronized sampling, total power analysis, correlation analysis, and higher-order methods are also shown to be practical. Software and hardware countermeasures to these attacks are briefly discussed. Finally, a specific countermeasure that uses random masks is employed to secure the Advanced Encryption Standard (AES) finalist algorithms. The performance and memory requirements of these new implementations are reported. Experimental results confirm the effectiveness and practicality of many of the newly proposed attacks. |
