Electromagnetic Analysis against Public-Key Cryptographic Software on Embedded OS

Hajime UNO  Sho ENDO  Naofumi HOMMA  Yu-ichi HAYASHI  Takafumi AOKI  

Publication
IEICE TRANSACTIONS on Communications   Vol.E98-B   No.7   pp.1242-1249
Publication Date: 2015/07/01
Online ISSN: 1745-1345
DOI: 10.1587/transcom.E98.B.1242
Type of Manuscript: Special Section PAPER (Special Section on Electromagnetic Compatibility Technology in Conjunction with Main Topics of EMC'14/Tokyo)
Category: 
Keyword: 
EM information security,  side-channel attack,  embedded OS,  electromagnetic analysis,  RSA software,  chosen-message simple electromagnetic analysis,  

Full Text: PDF(4.5MB)>>
Buy this Article




Summary: 
Electromagnetic analysis (EMA) against public-key cryptographic software on an embedded OS is presented in this paper. First, we propose a method for finding an observation point for EMA, where the EM radiation caused by cryptographic operations can be observed with low noise. The basic idea is to find specific EM radiation patterns produced by cryptographic operations given specific input pattern. During the operations, we scan the surface of the target device(s) with a micro magnetic probe. The scan is optimized in advanced using another compatible device that has the same central processing unit (CPU) and OS as the target device. We demonstrate the validity of the proposed EMAs through some EMA experiments with two types of RSA software on an embedded OS platform. The two types of RSA software have different implementations for modular multiplication algorithms: one is a typical and ready-made implementation using BigInteger class on Java standard library, and another is a custom-made implementation based on the Montgomery multiplication algorithm. We conduct experiments of chosen-message EMA using our scanning method, and show such EMAs successfully reveal the secret key of RSA software even under the noisy condition of the embedded OS platform. We also discuss some countermeasures against the above EMAs.