Check out the new USENIX Web site.

Home About USENIX Events Membership Publications Students
CARDIS '02 Abstract

Automatic Code Recognition for Smartcards Using a Kohonen Neural Network

Jean-Jacques Quisquater and David Samyde, Université catholique de Louvain

Abstract

A processor can leak information by different ways. Although, the possibility of attacking smart cards by analyzing their power consumption [Kocher] or their electromagnetic radiations is now commonly accepted [Gandolfi]. A lot of publications recognize the possibility to recover the signature of an instruction in a side channel trace. It seems that no article demonstrate how to automate reverse engineering of software code, using this assumption. Our work describes a method to recognize the instructions carried out by the processor. In a general way, a classifier permits to identify the right or wrong value during the comparison of a pin code or large parts of a software code. On a few microcontrollers, using a classical correlation between the power trace and a dictionary, we show how to identify the CPU's actions. Sometimes, silicon manufacturers hide specific opcodes deliberately. The EM investigation and the template attack demonstrated by IBM, at Cryptographic Hardware and Embedded Systems 2002, rely on multi-variate signal processing for electromagnetic and power traces. The method presented in this article is based on a self organizing map. On a CISC processor, it is then obvious to find a hidden instruction looking for a hole or a bad construction of the map. The case of pipelined processors is a little bit different: as they decode, execute, fetch, several parts of different opcodes at the same time, it is more difficult to recognize a specific signature.
  • View the full text of this paper in PDF. Until November 2003, you will need your USENIX membership identification in order to access the full papers.
    The Proceedings are published as a collective work, © 2002 by the USENIX Association. All Rights Reserved. Rights to individual papers remain with the author or the author's employer. Permission is granted for the noncommercial reproduction of the complete work for educational or research purposes. USENIX acknowledges all trademarks within this paper.

  • If you need the latest Adobe Acrobat Reader, you can download it from Adobe's site.

  • To become a USENIX Member, please see our Membership Information.

?Need help? Use our Contacts page.

Last changed: 4 Nov. 2002 aw
Technical Program
CARDIS '02 Home
USENIX home