On the Complexity of Attacking Elliptic Curve Based Authentication Chips
Ievgen Kabin, Zoya Dyka, Dan Klann, Jan Schaeffner, Peter Langendoerfer

TL;DR
This paper analyzes the challenges of attacking elliptic curve authentication chips. It demonstrates that a lack of detailed design information significantly hampers successful key extraction, although the analysis still reveals processing details during authentication.
Contribution
It provides a detailed blueprint of attack strategies against elliptic curve crypto chips, highlighting the importance of information availability for successful attacks.
Findings
Inability to fully recover private keys without detailed design info
Successful identification of processing sequences and clock cycles during authentication
Higher effort required for attacking commercial chips compared to well-known implementations
Abstract
In this paper we discuss the difficulties of mounting a successful attack against crypto implementations when essential information is missing. We start with a detailed description of our attack against our own design, to highlight which information is needed to increase the success of an attack, i.e. we use it as a blueprint for the following attack against commercially available crypto chips. We would like to stress that our attack against our own design is very similar to what happens during certification, e.g. according to the Common Criteria Standard, as in those cases the manufacturer needs to provide detailed information. When attacking the commercial designs without signing NDAs, we needed to intensively search the Internet for information about the designs. We cannot reveal the private keys used by the attacked commercial authentication chips 100% correctly. Moreover, the missing…
