Performing electromagnetic side-channel attack on a commercial AES-256 device

Abstract

In this paper an electromagnetic side-channel attack on a commercial AES-256 USB-encryption module operating in ECB mode is introduced. In preparation for the attack, oscilloscope, electromagnetic probe with low-noise amplifier and isolated power supply were used together with computer to record 10000 plaintext encryptions. The attack was conducted with the collected plaintext-ciphertext pairs and EM traces corresponding to each encryption. The attack was con-ducted with Correlation Power Analysis method and Matlab software. The power consumption (and thus the EM emission) of the device was modeled using hamming distance metric.

The correlation between modeled power consumption and measured traces allowed the extraction of AES round keys one byte at a time. For AES-256 last two round keys (rounds 13 and 14) were needed to complete the key schedule. Finding these two keys allowed to calculate the original secret key from which they were expanded. For successful attack several trials were required to find right measurement setup for oscilloscope and electromagnetic head position. In this attack 30 out of the 32 round key bytes were found using side-channel attack and the two remaining were found using brute force. The device was found to have some kind of backdoor mechanism.