Overview of attacks on unencumbered cryptographic means and their prevention - Can the circle be squared?

Abstract

A relatively recent class of cryptographic attacks has evolved during the last years, focusing on the circumvention of cryptographic means by attacking other than the enciphering means itself. We call this class unencumbered, because the cryptanalysis is achieved without breaking the cipher. The attacker will instead observe the resources of the system at the deciphering process (or its failure). From this observation of the resources used, she will conclude the key being processed at successful deciphering or authentication. In the case of a plaintext attack, the message can be retrieved without breaking the cipher itself. We will introduce the current state of research in this field, some measures to avoid such attacks, and outline our ongoing research to combat such attacks in a more systematic manner. © 2008 IEEE.