Side-channel attacks and countermeasures for embedded microcontrollers

Abstract

While trustworthy hardware helps to establish the basis of trustworthy computing, most applications in embedded security rely to a significant extent on software. Smart-cards are an excellent example. A smart-card is an embedded computer in the form factor of a credit card with an integrated microcontroller. In contrast to a credit card, a smart-card thus has an active component. This allows the card to execute one side of a cryptographic protocol, such as digital signature-generation. Crypto-protocols are build using crypto-algorithms including symmetric-key and public-key encryption, random number generation, and hashing. A smart-card may implement these building blocks in software or, in some cases, in dedicated hardware. Software is often preferred because of two different reasons: reducing the design cost and supporting flexibility. This chapter will discuss the implementation of side-channel attacks on such microcontrollers, as well as some common countermeasures. The objective is to introduce the reader to this exciting field of research within the limits of a book chapter. In-depth discussion of side-channel analysis on microcontrollers can be found in the literature, e.g., [1].