Cryptography Research to Host Workshop at RSA Conference 2009: "Securing Tamper Resistant Devices – Introduction to Timing Attacks, SPA, and DPA"

SAN FRANCISCO – March 26, 2009 – Cryptography Research, Inc. (CRI) will hold a one-day pre-conference tutorial entitled “Securing Tamper Resistant Devices - Introduction to Timing Attacks, SPA and DPA” during the RSA Conference 2009, April 20-24, at the Moscone Center in San Francisco.

In the workshop, attendees will receive an introduction to the fundamentals of power analysis, perform hands-on tutorials, examine practical design approaches to countering power analysis and review the current state of related U.S. and international security certifications. This is the third consecutive year that CRI will run this workshop at a RSA conference.

DPA was discovered at CRI by Paul Kocher, Joshua Jaffe and Benjamin Jun who demonstrated that power consumption measurements of smart card and other devices could be analyzed to find secret keys. Vulnerable devices can be exploited by attackers to counterfeit digital cash, duplicate ID cards, pirate digital content or mount other attacks.

The primary audience for the workshop includes developers and architects of secure embedded systems, as well as evaluators and individuals designing testing requirements for tamper-resistant products. Technical staff interested in designing and testing tamper-resistant systems for consumer products, financial systems, anti-piracy/conditional access systems or government/defense applications are also encouraged to attend.

The CRI workshop is divided into three sessions. In part one, attendees will receive an introduction to the fundamentals of power analysis, perform a timing attack code review exercise and observe a timing attack demonstration.

Part two explores the practical design approaches to countering power analysis. Participants will work in teams and find a key using SPA. The DPA analysis will be introduced and a live DPA attack will be performed to extract keys from a tamper-resistant device.

Part three focuses on effective technical approaches to DPA resistance and countermeasure implementation. Recommended evaluation processes will also be discussed, together with an overview of the CRI DPA Countermeasure Validation Program for evaluating the effectiveness of products in resisting side channel attacks.

CRI Workshop Details

Lecture Team:
Joshua Jaffe, cryptosystem researcher and engineer
Mark Marson, senior cryptographer
Gilbert Goodwill, senior staff engineer

Pre-conference Tutorial (session code TUT-M11): “Securing Tamper Resistant Devices - Introduction to Timing Attacks, SPA and DPA”

When: Monday, April 20, 2009, 9:00 a.m.—3:30 p.m. PDT

Where: RSA Conference 2009, Moscone Center, San Francisco

For more information and to register, please visit: More »