Small tweaks do not help: Differential power analysis of MILENAGE implementations in 3G/4G USIM cards

Junrong Liu; Yu Yu; FranÇois Xavier Standaert; Zheng Guo; Dawu Gu; Wei Sun; Yijie Ge; Xinjun Xie

doi:10.1007/978-3-319-24174-6_24

Small tweaks do not help: Differential power analysis of MILENAGE implementations in 3G/4G USIM cards

Junrong Liu, Yu Yu, FranÇois Xavier Standaert, Zheng Guo, Dawu Gu, Wei Sun, Yijie Ge, Xinjun Xie

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

47 Scopus citations

Abstract

Side-channel attacks are an increasingly important concern for the security of cryptographic embedded devices, such as the SIM cards used in mobile phones. Previous works have exhibited such attacks against implementations of the 2G GSM algorithms (COMP-128, A5). In this paper, we show that they remain an important issue for USIM cards implementing the AES-based MILENAGE algorithm used in 3G/4G communications. In particular, we analyze instances of cards from a variety of operators and manufacturers, and describe successful Differential Power Analysis attacks that recover encryption keys and other secrets (needed to clone the USIM cards) within a few minutes. Further, we discuss the impact of the operator-defined secret parameters in MILENAGE on the difficulty to perform Differential Power Analysis, and show that they do not improve implementation security. Our results back up the observation that physical security issues raise long-term challenges that should be solved early in the development of cryptographic implementations, with adequate countermeasures.

Original language	English
Title of host publication	Computer Security – ESORICS 2015 - 20th European Symposium on Research in Computer Security, Proceedings
Editors	Peter Y.A. Ryan, Günther Pernul, Edgar Weippl
Publisher	Springer Verlag
Pages	468-480
Number of pages	13
ISBN (Print)	9783319241739
DOIs	https://doi.org/10.1007/978-3-319-24174-6_24
State	Published - 2015
Externally published	Yes
Event	20th European Symposium on Research in Computer Security, ESORICS 2015 - Vienna, Austria Duration: 21 Sep 2015 → 25 Sep 2015

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	9326
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	20th European Symposium on Research in Computer Security, ESORICS 2015
Country/Territory	Austria
City	Vienna
Period	21/09/15 → 25/09/15

Keywords

Mobile network security
SIM cards cloning
Side-channel attacks

Access to Document

10.1007/978-3-319-24174-6_24

Cite this

Liu, J., Yu, Y., Standaert, F. X., Guo, Z., Gu, D., Sun, W., Ge, Y., & Xie, X. (2015). Small tweaks do not help: Differential power analysis of MILENAGE implementations in 3G/4G USIM cards. In P. Y. A. Ryan, G. Pernul, & E. Weippl (Eds.), Computer Security – ESORICS 2015 - 20th European Symposium on Research in Computer Security, Proceedings (pp. 468-480). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9326). Springer Verlag. https://doi.org/10.1007/978-3-319-24174-6_24

Liu, Junrong ; Yu, Yu ; Standaert, FranÇois Xavier et al. / Small tweaks do not help : Differential power analysis of MILENAGE implementations in 3G/4G USIM cards. Computer Security – ESORICS 2015 - 20th European Symposium on Research in Computer Security, Proceedings. editor / Peter Y.A. Ryan ; Günther Pernul ; Edgar Weippl. Springer Verlag, 2015. pp. 468-480 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{0246dc71b9dd4543a92362c041756698,

title = "Small tweaks do not help: Differential power analysis of MILENAGE implementations in 3G/4G USIM cards",

abstract = "Side-channel attacks are an increasingly important concern for the security of cryptographic embedded devices, such as the SIM cards used in mobile phones. Previous works have exhibited such attacks against implementations of the 2G GSM algorithms (COMP-128, A5). In this paper, we show that they remain an important issue for USIM cards implementing the AES-based MILENAGE algorithm used in 3G/4G communications. In particular, we analyze instances of cards from a variety of operators and manufacturers, and describe successful Differential Power Analysis attacks that recover encryption keys and other secrets (needed to clone the USIM cards) within a few minutes. Further, we discuss the impact of the operator-defined secret parameters in MILENAGE on the difficulty to perform Differential Power Analysis, and show that they do not improve implementation security. Our results back up the observation that physical security issues raise long-term challenges that should be solved early in the development of cryptographic implementations, with adequate countermeasures.",

keywords = "Mobile network security, SIM cards cloning, Side-channel attacks",

author = "Junrong Liu and Yu Yu and Standaert, \{Fran{\c C}ois Xavier\} and Zheng Guo and Dawu Gu and Wei Sun and Yijie Ge and Xinjun Xie",

note = "Publisher Copyright: {\textcopyright} Springer International Publishing Switzerland 2015.; 20th European Symposium on Research in Computer Security, ESORICS 2015 ; Conference date: 21-09-2015 Through 25-09-2015",

year = "2015",

doi = "10.1007/978-3-319-24174-6\_24",

language = "英语",

isbn = "9783319241739",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "468--480",

editor = "Ryan, \{Peter Y.A.\} and G{\"u}nther Pernul and Edgar Weippl",

booktitle = "Computer Security – ESORICS 2015 - 20th European Symposium on Research in Computer Security, Proceedings",

address = "德国",

}

Liu, J, Yu, Y, Standaert, FX, Guo, Z, Gu, D, Sun, W, Ge, Y & Xie, X 2015, Small tweaks do not help: Differential power analysis of MILENAGE implementations in 3G/4G USIM cards. in PYA Ryan, G Pernul & E Weippl (eds), Computer Security – ESORICS 2015 - 20th European Symposium on Research in Computer Security, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 9326, Springer Verlag, pp. 468-480, 20th European Symposium on Research in Computer Security, ESORICS 2015, Vienna, Austria, 21/09/15. https://doi.org/10.1007/978-3-319-24174-6_24

Small tweaks do not help: Differential power analysis of MILENAGE implementations in 3G/4G USIM cards. / Liu, Junrong; Yu, Yu; Standaert, FranÇois Xavier et al.
Computer Security – ESORICS 2015 - 20th European Symposium on Research in Computer Security, Proceedings. ed. / Peter Y.A. Ryan; Günther Pernul; Edgar Weippl. Springer Verlag, 2015. p. 468-480 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9326).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Small tweaks do not help

T2 - 20th European Symposium on Research in Computer Security, ESORICS 2015

AU - Liu, Junrong

AU - Yu, Yu

AU - Standaert, FranÇois Xavier

AU - Guo, Zheng

AU - Gu, Dawu

AU - Sun, Wei

AU - Ge, Yijie

AU - Xie, Xinjun

N1 - Publisher Copyright: © Springer International Publishing Switzerland 2015.

PY - 2015

Y1 - 2015

N2 - Side-channel attacks are an increasingly important concern for the security of cryptographic embedded devices, such as the SIM cards used in mobile phones. Previous works have exhibited such attacks against implementations of the 2G GSM algorithms (COMP-128, A5). In this paper, we show that they remain an important issue for USIM cards implementing the AES-based MILENAGE algorithm used in 3G/4G communications. In particular, we analyze instances of cards from a variety of operators and manufacturers, and describe successful Differential Power Analysis attacks that recover encryption keys and other secrets (needed to clone the USIM cards) within a few minutes. Further, we discuss the impact of the operator-defined secret parameters in MILENAGE on the difficulty to perform Differential Power Analysis, and show that they do not improve implementation security. Our results back up the observation that physical security issues raise long-term challenges that should be solved early in the development of cryptographic implementations, with adequate countermeasures.

AB - Side-channel attacks are an increasingly important concern for the security of cryptographic embedded devices, such as the SIM cards used in mobile phones. Previous works have exhibited such attacks against implementations of the 2G GSM algorithms (COMP-128, A5). In this paper, we show that they remain an important issue for USIM cards implementing the AES-based MILENAGE algorithm used in 3G/4G communications. In particular, we analyze instances of cards from a variety of operators and manufacturers, and describe successful Differential Power Analysis attacks that recover encryption keys and other secrets (needed to clone the USIM cards) within a few minutes. Further, we discuss the impact of the operator-defined secret parameters in MILENAGE on the difficulty to perform Differential Power Analysis, and show that they do not improve implementation security. Our results back up the observation that physical security issues raise long-term challenges that should be solved early in the development of cryptographic implementations, with adequate countermeasures.

KW - Mobile network security

KW - SIM cards cloning

KW - Side-channel attacks

UR - https://www.scopus.com/pages/publications/84951285097

U2 - 10.1007/978-3-319-24174-6_24

DO - 10.1007/978-3-319-24174-6_24

M3 - 会议稿件

AN - SCOPUS:84951285097

SN - 9783319241739

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 468

EP - 480

BT - Computer Security – ESORICS 2015 - 20th European Symposium on Research in Computer Security, Proceedings

A2 - Ryan, Peter Y.A.

A2 - Pernul, Günther

A2 - Weippl, Edgar

PB - Springer Verlag

Y2 - 21 September 2015 through 25 September 2015

ER -

Liu J, Yu Y, Standaert FX, Guo Z, Gu D, Sun W et al. Small tweaks do not help: Differential power analysis of MILENAGE implementations in 3G/4G USIM cards. In Ryan PYA, Pernul G, Weippl E, editors, Computer Security – ESORICS 2015 - 20th European Symposium on Research in Computer Security, Proceedings. Springer Verlag. 2015. p. 468-480. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-319-24174-6_24

Small tweaks do not help: Differential power analysis of MILENAGE implementations in 3G/4G USIM cards

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this