130 likes | 307 Views
Smart Card Security: Power Analysis Attacks. Greg Kish Rob Rex Jamie Walls. Overview. Introduction Background What is a Smart Card Evolution Attacks Power Analysis Conclusion. Background . What is a ‘smart card’? vs. dumb cards Why smart cards? Applications
E N D
Smart Card Security: Power Analysis Attacks Greg Kish Rob Rex Jamie Walls
Overview • Introduction • Background • What is a Smart Card • Evolution • Attacks • Power Analysis • Conclusion
Background • What is a ‘smart card’? • vs. dumb cards • Why smart cards? • Applications • Physical Characteristics • At a glance • ISO 7816-2:1988
Evolution • Embossed numbers and cardholder’s name • Signature field • Magnetic stripe • Hologram • Internet fraud • Smart card
Attacks • Invasive • Physically breaking the card • Non-Invasive • Glitching • Malicious applets • Power analysis
Simple Power Analysis • Gathering the data • How? • What does it mean? • Hamming weight leakage • Transition count • Breaking DES
Simple Power Analysis • Gathering the data • How? • What does it mean? • Hamming weight leakage • Transition count • Breaking DES
Differential Power Analysis • Why not keep it simple? • How its done • Attack in pieces • Only 26 choices per Sbox
Noise • Noise • 4 types of noise • External • Intrinsic • Quantizational • Algorithmic
Defenses • Ineffective • Add Noise • Change execution order • Promising advances • Random calculations • Hardware research
Conclusion • This is important! • Smart cards are convenient & powerful • Limited by their safety • Power Analysis • Information can only be hidden