A Novel Stegnosystem Design for Defying Differential Power Analysis Attacks on Smart Cards

Abstract

Differential Power Analysis (DPA) attacks extract the secret key of cryptographic algorithm, by analyzing the power dissipation of the smart card during the execution of the computation. Cryptosystems such as DES, the AES and public-key cryptosystems are easily perceptive to the DPA attacks. Several techniques can be used to prevent differential power analysis attacks. One method is to design algorithms that have a constant execution path and use operations that have little variation in their power usage. In this paper, we are proposing algorithmic countermeasures for differential power analysis attacks on smart cards. The proposed countermeasure is to induce a new smart card system that is not cryptosystem. The new technique, namely stegnosystem, relies on using stegnography instead of cryptography. The user has to provide his/her password, which is compared to the password hidden in the smart card memory. The hidden password is retrieved by deciphering the stegnography key stored in the smart card. DPA attacks can measure power dissipation that leaks during deciphering the stegnography key, thus gain knowledge of the location where the password is hidden, but it cannot gain any information of the actual password without the actual possession of the smart card.