Lessons Learned from Four Years of Implementation Attacks against Real-World Targets
Seminar Room 1, Newton Institute
Over the last few years we were able to break various real-world security systems using various flavours of physical attacks. About three years ago we were able to break KeeLoq, which is a 64 bit block cipher that is popular for remote keyless entry (RKE) systems. Even though the attack seems almost straightforward in hindsight, there where many practical and theoretical problems to overcome. More recently we were able to break certain types of the DESFire contactless smart card, which are widely used, e.g., for payment application. We also completely broke the bit stream encryption used in Xilinx FPGAs. In all both cases we were able to recover the keys for either 3DES or AES using power analysis attacks. In contrast to KeeLoq, both 3DES and AES are considered very secure from a classical cryptanalyitical point of view. Interesingly, the real-world implications of these key-extraction attacks are highly dependend on the system design (and not on the cipher used). In addition to summarizing the above mentioned work, I will try to draw some meaningful conclusions. This includes the often considerable practial hurdles an attacker has to overcome and the important role that system design plays.