Book contents
- Frontmatter
- Contents
- Preface
- Abbreviations and Standard Notation
- Authors
- Part 1 Protocols
- Part 2 Implementation Techniques
- Chapter IV Side-Channel Analysis
- Chapter V Defences Against Side-Channel Analysis
- Part 3 Mathematical Foundations
- Part 4 Pairing Based Techniques
- Bibliography
- Summary of Major LNCS Proceedings
- Author Index
- Subject Index
Chapter IV - Side-Channel Analysis
Published online by Cambridge University Press: 20 August 2009
- Frontmatter
- Contents
- Preface
- Abbreviations and Standard Notation
- Authors
- Part 1 Protocols
- Part 2 Implementation Techniques
- Chapter IV Side-Channel Analysis
- Chapter V Defences Against Side-Channel Analysis
- Part 3 Mathematical Foundations
- Part 4 Pairing Based Techniques
- Bibliography
- Summary of Major LNCS Proceedings
- Author Index
- Subject Index
Summary
Side-channel analysis (SCA) or information leakage analysis (ILA), refers to a new and emerging type of cryptanalysis that uses leaked side-channel information from a cryptographic device to determine the secret key. The traditional cryptographic model consists of two parties, Alice and Bob, who wish to communicate secretly over an insecure channel. To protect against a potential eavesdropper, cryptographic algorithms are used to ensure the secrecy of the communication. In this traditional model, the security of the system relies solely on the secrecy of the key and the mathematical properties of the cryptographic algorithm used.
However, in a more practical scenario the communicating parties are mostly computing devices, such as personal computers, smart cards or mobile phones. On such devices, a cryptographic algorithm is implemented and executed whenever a cryptographic protocol requires its computation. Although these devices operate in potentially hostile environments and are subject to attacks themselves, they are supposed to protect the secret key. Furthermore, such devices can act as a source of information. Depending on the data they process, they might consume different amounts of power, emit different amounts of electromagnetic emanations, produce different types of noises, need different running times or output different error messages; see Figure IV.1.
- Type
- Chapter
- Information
- Advances in Elliptic Curve Cryptography , pp. 69 - 86Publisher: Cambridge University PressPrint publication year: 2005
- 2
- Cited by