ID and IP Theft with Side-Channel Attacks
Author: David Oswald
Side-channel analysis (SCA) is a powerful tool to extract (cryptographic) secrets by observing physical properties (power consumption, EM) of a target device. After an intro to SCA and related methods, the speaker will demonstrate the practical relevance of SCA with two case studies: first, how SCA can be used to circumvent the IP protection (bitstream encryption) of FPGAs. In a similar way, AES keys of one-time password tokens can be extracted, allowing an attacker to steal digital identities.
David Oswald received his PhD in IT-Security in 2013 and is currently working at the Chair for Embedded Security, Ruhr-University Bochum. His main field of research is the practical security analysis of embedded systems, e.g., commercially employed RFID smartcards. The focus is on attack methods that exploit weaknesses in the physical implementation of mathematically secure cryptographic algorithms. Those techniques include both (passive) side-channel analysis and (active) fault injection. He is co-founder of the Kasper & Oswald GmbH, offering innovative products and services for security engineering.