侧信道分析实用案例概述

Side-channel attacks can extract intermediate values of cryptographic operation by some physical channels, and then divide and conquer a long secret key, which is a popular research topic in cryptography. Side-channel attacks can often break cryptosystems easier than traditional cryptanalysis. Nowadays, the main evaluation institutions for cryptographic products in the world regard the side-channel protection capability as the main security measure of devices or chips. Even if a product has obtained authoritative security certification, it may still be broken by side-channel attacks. In this paper, some kinds of side-channel attack technologies and cases on practical cryptographic modules and security products are studied. The channel includes power, electromagnetic emission, fault information, remote electromagnetic and sound, cache, and so on. Some development trends of these attacks are discussed. Especially in the past three years, the side-channel attackers pay more attention to the Internet of Things, industry control system, mobile phone, intelligent terminal, and some other popular devices. Some common cryptographic devices are broken by these technologies, which bring great security threat to the personal property and collective interests.