DPA Research

"Cryptography Research discovered DPA and pioneered the solutions. Their patents on DPA countermeasures are the key for solving the problem."

— Bruce Schneier, CTO of Counterpane Internet Security, Inc. and author of 'Applied Cryptography' and 'Beyond Fear: Thinking Sensibly About Security in an Uncertain World'

In the early 1990s, Cryptography Research Inc. (CRI), now a division of Rambus, discovered SPA and DPA attacks. Since then, we’ve continued to research these security vulnerabilities and develop countermeasures to protect against these increasingly critical threats. The following technical papers have been published by our team.

2012

Mobile Device Security: The case for side-channel resistance

In this paper, security experts from CRI explore ways to improve mobile device security.
by Gary Kenworthy and Pankaj Rohatgi

Is Your Mobile Device Radiating Keys?

In this presentation from the RSA Conference, Benjamin Jun and Gary Kenworthy describe how to mitigate risk whenever applications use high-valued cryptographic keys.
by Benjamin Jun and Gary Kenworthy


2011

Efficient side-channel testing for public key algorithms: RSA case study

This paper proposes an approach to validate that implementations of public-key cryptography have moderate resistance to side-channel analysis, using RSA-CRT as an example.
by Joshua Jaffe and Pankaj Rohatgi

A testing methodology for side-channel resistance validation

This paper proposes a testing methodology for side-channel resistance validation.
by Gilbert Goodwill, Benjamin Jun, Joshua Jaffe, and Pankaj Rohatgi

Leakage resistant encryption and decryption

In this design note, security experts from CRI explain an alternative approach, a "protocol-level" countermeasure to secure data encryption and decryption operations that can use existing unprotected hardware block cipher implementations, while achieving provable security against side-channel attacks.
by Pankaj Rohatgi


2010

Protecting FPGAs from Power Analysis

A whitepaper describing how SPA and DPA vulnerabilities apply to FPGAs, and guidance about the types of countermeasures that can be implemented to protect FPGAs against these attacks.
by Pankaj Rohatgi

Introduction to Differential Power Analysis

In this paper, security experts from CRI introduce differential power analysis (DPA), simple power analysis (SPA), as well as several related techniques.
by Paul Kocher, Joshua Jaffe, Benjamin Jun and Pankaj Rohatgi


2007

A First-Order DPA attack against AES in counter mode with unknown initial counter

This paper describes a first-order DPA attack against AES in counter mode, in which the initial counter and output values are all unknown.
by Joshua Jaffe

First-Order DPA Attack Against AES in Counter Mode with unknown counter

This presentation from the CHES conference describes a first-order DPA attack against AES in counter mode, in which the initial counter and output values are all unknown.
by Joshua Jaffe


2006

DPA Attacks vs. unknown input: a 1st-order Attack on Counter Modes

This talk from the CHES conference outlines a first-order DPA attack on ciphers used in counter mode that works even if the initial counter value and cipher output are unknown.
by Joshua Jaffe


2005

Design and Testing Strategies for Power Analysis & Related Attacks

An examination of testing methodologies for obtaining assurance in countermeasures to power analysis and related attacks.
by Paul Kocher


2003

Self-protecting digital content

This paper presents results from the CRI Content Security Research Initiative, a study sponsored by CRI to determine how cryptographic systems can provide the most effective long-term deterrent to the piracy of digital video and other content distributed on optical media.
by Paul Kocher, Joshua Jaffe, Benjamin Jun, Carter Laren, Nate Lawson


1998

Introduction to differential power analysis and related attacks

An engineering overview of Differential Power Analysis.
by Paul Kocher, Joshua Jaffe, and Benjamin Jun

Differential Power Analysis

An academic paper introducing the discovery of Differential Power Analysis.
by Paul Kocher, Joshua Jaffe, and Benjamin Jun


1996

Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems

An academic paper introducing timing attack cryptanalysis. Many elements of timing attacks are relevant to DPA.
by Paul Kocher