SCARE of the DES

Side-Channel Analysis for Reverse Engineering (SCARE) is a new field of application for Side-Channel Attacks (SCA), that was recently introduced, following initial results on the GSM A3/A8 algorithm. The principle of SCARE is to use side-channel information (for instance, power consumption) as a tool to reverse-engineer some secret parts of a cryptographic implementation. SCARE has the advantage of being discrete and non-intrusive, so it appears to be a promising new direction of research.

In this paper, we apply the concepts of SCARE in the case of the block cipher DES. We measure the power consumption of a software DES executed on a target smart card and propose new methods to exploit this information. We manage to retrieve many details about the underlying device, including some constants used by the algorithm (

e.g.

permutation tables for the round function and for the key scheduling), but also interesting implementation choices (

e.g.

registers where subkeys are loaded). Of course some information was already known in our case, but situations can be envisaged where the designer would like to keep it secret.

An application of these methods is to reverse-engineer a proprietary algorithm, provided some information about its basic structure is know. Hence it illustrates the power of SCARE and demonstrates yet again the accuracy of Kerckhoff’s principle. In addition, a better understanding of a cryptographic implementation can be a first step to mount more sophisticated Side Channel Attacks.