Comparison between Differential and Correlation Power Analysis Attacks on Embedded Systems

Today, embedded electronic systems are everywhere, controlling every aspect of everyday life both in professional and in private environments. Most of them manage private information or sensitive data and implement some cryptographic algorithms with the aim of protecting private information from stealing. Even if the algorithms themselves can be considered secure, they can be broken by physical observation of certain properties of the electronic devices, such as the current absorbed or the time taken to execute the algorithms. This is how Side-Channel Attacks take place. These kinds of exploits are very effective ways to gain access to secret information hidden in the embedded systems. It relies on the information channels not intended to be used and, in general, underestimated at the development stage. The general principle has been applied a lot before the advent of embedded system devices: in fact, it can be applied to a mechanical system or even to humans without the need for complex measurement systems, such as a thief than opens a safe using a stethoscope, or simply his ear, listening for some TICs that reveal a right combination digit. Recently, the spread of the embedded devices hosting private or sensitive information, for example in the Internet of Things (IoT) domain, pushes companies to increase their focus on security, spending time and device hardware resources in secure ciphers based on standard algorithms that enable the device to communicate with the external world. In this work, the power absorption side channel is investigated, since it does not require costly instrumentation and it is easily accessible. Using side-channel techniques, an attacker can gain insights into working data or execution path to get access to some secret information-related behavior, reducing the needed complexity to discover the secret information (i.e., a secret key of an advanced encryption algorithm). Side channels rarely give direct access to secret information, but most of the time they enormously reduce the number of attempts the hacker has to do to get a secret. The thesis work analyzes two commonly-used techniques to hack the AES cryptographic algorithm: Differential Power Analysis (DPA) and Correlation Power Analysis (CPA), using a low-cost acquisition system, \emph{ChipWhisperer}. Such a platform is equipped with all the required components to execute experimental tests: synchronous acquisition system, target victim processor, and software libraries. Some thousands of traces have been acquired from AES encryption execution over the platform to gather enough amount of data to test and compare the two methodologies. Comparison results with respect to the target technology are presented. Finally, an overview of the possible countermeasures commonly adopted is presented, together with a list of known methods to make them ineffective.