Another important remark is that the double comparison of the PIN code to protect against FIA introduces new vulnerabilities for SCA.
By using templates, the attack is made portable. The attacker can perform the profiling phase ahead of time. Then, at the target location, the measurements and the analysis are fast, as only a few traces are required. Moreover, she can easily perform batch attacks where multiple targets are attacked with the same templates. For all these reasons, our attack is a real threat.
A countermeasure against our attack could be to compare the different bytes in a random order. The attacker can retrieve the PIN, but not in the right order; for example, for a PIN code with 4 bytes, with 4 different values, there are 4! = 24 possibilities. In most cases, this number of possibilities is too large to be tried before the device gets blocked. In future work, we plan to test the practical application of this countermeasure.
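
The following C code is an added illustration of this countermeasure, not code from the paper: it compares all PIN bytes in a freshly shuffled order, and counts the orderings left to an attacker who knows the byte values but not their positions (extending the 4! = 24 case to repeated values). The function names, the accumulation without early exit, and the use of `rand()` in place of a hardware random number generator are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

#define PIN_LEN 4

/* Assumption: rand() stands in for the device's hardware RNG. */
static uint32_t rng_below(uint32_t n) { return (uint32_t)rand() % n; }

/* Fisher-Yates shuffle: fills order[] with a random permutation
 * of the indices 0..PIN_LEN-1. */
void random_order(uint8_t order[PIN_LEN]) {
    for (uint8_t i = 0; i < PIN_LEN; i++) order[i] = i;
    for (uint32_t i = PIN_LEN - 1; i > 0; i--) {
        uint32_t j = rng_below(i + 1);
        uint8_t t = order[i]; order[i] = order[j]; order[j] = t;
    }
}

/* Compares every byte, in a fresh random order on each call, and
 * accumulates the differences instead of returning at the first mismatch.
 * Returns 1 on match, 0 otherwise. */
int verify_pin_shuffled(const uint8_t *candidate, const uint8_t *reference) {
    uint8_t order[PIN_LEN];
    uint8_t diff = 0;
    random_order(order);
    for (size_t k = 0; k < PIN_LEN; k++)
        diff |= (uint8_t)(candidate[order[k]] ^ reference[order[k]]);
    return diff == 0;
}

/* Number of distinct PINs consistent with a recovered set of byte values
 * whose positions are unknown: PIN_LEN! / product(multiplicity!).
 * Built incrementally so every division is exact. */
unsigned remaining_orderings(const uint8_t *values) {
    unsigned count[256] = {0};
    unsigned result = 1, placed = 0;
    for (size_t i = 0; i < PIN_LEN; i++) {
        count[values[i]]++;
        placed++;
        result = result * placed / count[values[i]];
    }
    return result;
}
```

When byte values repeat, fewer orderings remain (12 for one repeated pair, 1 when all four bytes are equal), so the margin over the device's retry limit depends on the PIN itself.
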
ACKNOWLEDGMENT
This work was partially funded by the French National Research Agency (ANR) as part of the program Digital Engineering and Security (INS-2013), under grant agreement ANR-13-INSE-0006-01. The authors would like to thank Thibault Cattelani and Gaël Thomas for their helpful comments and discussions.
SECRYPT 2016 - International Conference on Security and Cryptography