Timing attacks

• Measure difference in time duration between i.e a keypress and an errror LED being lit
• Difference in time duration might indicate that a correct key has been pressed (dependent on how error checking is handled in implementation)
• Repeat attack after every correct key
• Can be affected by random delay before activating LED
• Cryptographic timing attacks

Power consumption for timing attacks

• Case of random delay
• Patterns in power consumption (oscillations same as target MCU frequency), patterns spike close to transistor-switching at end of clock edges
• Can chose specific areas to measure timing over based on specific power consumption pattern

Simple power analysis (SPA)

• Each instruction has a unique power consumption signature
• Allows examination of the execution of an algorithm (compared to timing attacks)
• Analyze timing of individual operations and identifiable power profiles of operations
• Can determine secret key from cryptographic operation
  • RSA: Timing/power consumption differs based on square operation or square-and-multiply operation ⇒ read out key in binary from power traces. Attack on OpenSSL MBED-TLS
  • Ecliptic Curve Digital Signature Algorithm (ECDSA), Eliptic curve cryptography (ECC)

Differential Power Analysis (DPA)

• Assume that system leaks Hamming weight of all values processed (number of ones in manipulated data)
• Key enumeration
  • Informed guess about the key value
  • DPA gives us a confidence on a key guess
• Record multiple power traces. Use DPA to find differences between each key guess