undefined | Better HN

0 pointsdevdoomari8y ago0 comments

...how about a random-power-consumer? would it help?

0 comments

dom08y ago

No, not at all. A raised SNR can be overcome in almost all circumstances by making more measurements, i.e. correlation, since noise is not correlated, it is removed. For the same reason random delays don't help against timing attacks.

Drdrdrq8y ago

Curious: how about generating noise which is correlated to signal and actively tries to modify output to some "random" noise?

Cyph0n8y ago

That's how DPA works as far as I understand.

Ferofluid8y ago

Not if you calculate keys nonstop, then have another machine pick from a huge list later.

tinus_hn8y ago

Perhaps you could quantize the level.

Klathmon8y ago

Generally mitigations like adding random things only delay attacks like this, they don't prevent them.

Like adding random timings won't prevent timing attacks, adding random sized strings won't prevent chosen plaintext or padding attacks, etc...

Gibbon18y ago

Wonder if you can hash the cryto algorithm.

Dinux8y ago

This was even tested with CTR and GCM (I know this for a fact), which were not a problem at all. Surprisingly GCM was somewhat easier than hashing modes. But also CBC was detectable after a few blocks.

laydn8y ago

Cryptography Research (now RAMBUS) developed solutions against these DPA attacks. Real solutions are much more complex than just "random-power-consuming"

See: https://www.rambus.com/security/dpa-countermeasures/

j / k navigate · click thread line to collapse