Location-dependent EM leakage of the ATxmega microcontroller

Abstract

Nowadays, low power microcontrollers are widely deployed in wireless sensor networks, also implementing cryptographic algorithms. These implementations are potential targets of so-called side-channel analysis (SCA) attacks which aim to reveal secret information, e.g. a secret key. In this work we evaluate the resistance of AES implementations on an Atmel AVR XMEGA microcontroller against SCA attacks using the electromagnetic (EM) emanation measured at different locations on the chip surface from the front side and the rear side. Results show that the exploitable leakage for correlation attacks of a software implementation is higher compared to the leakage of the AES crypto engine, a hardware accelerator implemented on the microcontroller. Further investigations show that front-side EM measurements lead to better results and the measurement location is crucial if the number of measurements is limited.