I’m currently comparing the resilience of different elliptic curve algorithms on smart cards with regard to simple power analysis (SPA) attacks. This is how I prepared the card reader for my measurements with the oscilloscope.
First of all you will need the following:
- Smart Card Reader
- Oscilloscope or Data Acquisition Card
- Soldering Iron
- Patience 🙂
Opening the Reader
Now comes the tricky part: in order to measure the power consumption of the smart card you will need to insert a resistor into the GND line. This part depends on your reader, and you should be careful to bridge the right line! The ground can be identified by following the traces in the opened reader back to the corresponding smart card contact. The following picture (Wikipedia) shows the different contacts:
On the front side the GND line reappears and enters the circuit. On each side of the cut I attached a clamp, so I can insert the resistor and quickly swap it if needed. The resistor is needed because the voltage across it is proportional to the current drawn by the card and therefore, at the reader's fixed supply voltage, to the card's power consumption, which is what you want to measure during a power analysis.
Attaching the oscilloscope
Now comes the easy part: you need to attach the oscilloscope to the reader. Connect the probe tip to the GND line before the resistor (on the back side of my reader) and the probe's ground lead to the GND line after the resistor.
To get some data you should now attach the reader to your PC and launch an applet on the card. A good way to see something on the oscilloscope is to write an applet that runs a loop of RSA encryptions. To test my setup I wrote an applet that performs 1000 RSA encryptions with the same key and the same data. This gives me enough time to calibrate the oscilloscope and focus on the interesting part of the signal. An interesting point is that you can see very clearly when the crypto co-processor is active.
Some power traces
Here are some of my measurements for the elliptic curve operations. It is very easy for an attacker to extract the secret key from an implementation that lets you distinguish the different operations. In my case it is easy to distinguish an EC point addition from an EC point doubling. Using the sequence of additions (A) and doublings (D) it is easy to reconstruct the secret key.
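To make that last point concrete, here is an added Python model (not code from this post) of two scalar-multiplication routines that records only the type of each group operation, which is exactly what an SPA trace with distinguishable additions and doublings reveals: the naive double-and-add trace maps straight back to the key bits, while a Montgomery ladder produces the same A/D sequence for every key of the same length. The toy curve y^2 = x^3 + 2x + 3 over GF(97) with base point (3, 6) is an assumption chosen only to keep the numbers small.

```python
# Added example (not from the post): models why naive double-and-add leaks the
# key through its A/D sequence and why a Montgomery ladder does not. Only the
# type of each group operation is recorded, which is what SPA distinguishes.
# Assumption: toy curve y^2 = x^3 + 2x + 3 over GF(97); base point (3, 6).
P_MOD, A_COEFF = 97, 2

def ec_add(P, Q):
    """Affine group law; None is the point at infinity."""
    if P is None or Q is None:
        return P or Q                          # O + Q = Q, P + O = P
    (x1, y1), (x2, y2) = P, Q
    if x1 == x2 and (y1 + y2) % P_MOD == 0:    # Q == -P (covers y == 0 too)
        return None
    if P == Q:
        lam = (3 * x1 * x1 + A_COEFF) * pow(2 * y1, -1, P_MOD)
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P_MOD)
    x3 = (lam * lam - x1 - x2) % P_MOD
    return (x3, (lam * (x1 - x3) - y1) % P_MOD)

def double_and_add(k, P):
    """Left-to-right double-and-add: one D per bit plus an A for every 1-bit."""
    R, trace = P, []
    for bit in bin(k)[3:]:                     # leading 1-bit handled by R = P
        R = ec_add(R, R); trace.append("D")
        if bit == "1":
            R = ec_add(R, P); trace.append("A")
    return R, "".join(trace)

def montgomery_ladder(k, P):
    """Ladder: one A and one D per bit, so the trace is key-independent."""
    # R0 starts at infinity; a real implementation must hide that special case too.
    R0, R1, trace = None, P, []
    for bit in bin(k)[2:]:
        if bit == "0":
            R1 = ec_add(R0, R1); R0 = ec_add(R0, R0)
        else:
            R0 = ec_add(R0, R1); R1 = ec_add(R1, R1)
        trace.append("AD")
    return R0, "".join(trace)

def scalar_from_trace(trace):
    """Read the scalar back from a double-and-add trace: each D starts a bit,
    and the bit is 1 exactly when an A follows it (the leading 1 is implicit)."""
    bits = "1"
    for i, op in enumerate(trace):
        if op == "D":
            bits += "1" if trace[i + 1:i + 2] == "A" else "0"
    return int(bits, 2)
```

A ladder or double-and-add-always only removes the operation-sequence leak; the addition and doubling themselves must still look alike in the trace, and the point-at-infinity start must not be special-cased in a visible way.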