Embed Size (px)
Citation preview
Optical side-channel attack on PIC16F84A
Martin Hlaváč
Charles University in Prague
CNES internship summary (part of USE IT project)
ECRYPT Ph. D. Summer School, Samos, Greece, May 4, 2007
Gold Card = PIC16F84 + 24LC16B
PIC16F84
1024 x 14 bit program
68B Static RAM
5V @ 4MHz (ISO7816) 24LC16B
2048Byte EEPROM
PIC16F84
18 10
1 9
8 5
1 4
24LC16B
C1
C2
C3
C4
C5
C6
C7
C8
Gold Card uncovered (Front Side)
Problem: Too much metal on SRAM. Solution: Back Side
SRAM
PIC16F84A uncovered (Back Side)
Problem: Silicon layer too thick (~300 µm).Solution: Slim it down to ~70 µm.
SRAM back side (20x)
PIC16F84A back side
Measurement goalAES state
16 bytes
16 bytes
Monitor changes of bytes in State block during AES
How? Dynamic light emission detection (PICA)
Theory: byte flips => light is emitted
byte stays => just noise
We can do bit flips!!!
bit
bit
Static vs. dynamic observation
vs.
All photons observed at one image
Frames166 ns = 1 clock cycle
Individual framesmovlw 0xff
(frames 0..3)
movlw 0xaa
(frames 8..11)
movlw 0x55
(frames 16..19)
movlw 0x00
(frames 20..23)
xorwf block+0x0,f
(frames 4..7)
xorwf block+0x0,f
(frames 12..15)
xorwf block+0x0,f
(frames 20..23)
xorwf block+0x0,f
(frames 24..27)
3rd clock
3rd clocks reveal the key“xor 0xFF” “xor 0xAA”
“xor 0x55” “xor 0x00”
No cryptanalysis needed
AES key is fully revealed during AddRoundKey operation
Even if only byte flips can be detected, the key can be recovered with 28 measurements
Conclusions
Dynamic light emission is a very strong side channel (once
synchronized) applicable on other ciphers/schemes and
devices
