Breaking AES with side channel analysis – Turid Herland – NDC Security 2022
Did you know that even if your crypto code is 100% bug-free, I may still be able to extract the secret key, simply by observing your code executing on a device?
Side channel analysis is a type of attack on cryptographic implementations that sidesteps the traditional black box security model. By observing e.g. the power consumption of a device while it performs cryptographic operations, one can analyze and gain knowledge about the information being processed. From there the secret key can often be reconstructed byte for byte.
In this talk, I will introduce side channel analysis in general, and then focus on how to attack AES using correlation power analysis (CPA). Finally, I will demonstrate a real attack extracting the secret key from AES running on an embedded CPU.