Reducing smart card information leakage
One of the many integrated components of smart card technology is the microchip processor that contains the digital information pertaining to the cardholder and his/her account. Developers in France have now designed a new microchip based on SmartMIPS architecture that combines dual rail technology with RTZ asynchronous technology, and in turn reduces information leakage. To begin with, the designers tested the XAP microprocessor that combines both the SyncXAP (conventional clocked circuit) with the SecXAP (dual rail RTZ asynchronous circuit), designed by the University of Cambridge. The next step saw the developers take a second chip based upon the SmartMIPS design, whereupon they subjected it to four comparative attack techniques and then evaluated the enhanced results. The four attack tests comprised of Power Analysis, Electromagnetic Analysis, Light/Laser fault injection and Vcc glitches. The XAP microprocessor leaked information through Hamming weight electrical current consumptions, demonstrated a weakness in its SecXAP microprocessor and caused involuntary memory dumps. The main reason for leakage was shown to be the uneven and unbalanced length of the wires produced by the place and route tools. The second chip to be tested demonstrated a reduced power dependency in the magnitude of 20 decibels and a lower intensity of Hamming weight information leakage. The developers believe that this difference has been achieved through the use of different multipliers, namely the SyncMDU (normal clocked multiplier) and the AsyncMDU (asynchronous secure multiplier). The developers further believe that with appropriate design tools or with careful custom chips, more significant yields in reduced information leakage can be obtained. They also concluded that such design weaknesses mean that protecting microchips is far from easy, and there is plenty of room for future improvements in smart card technology.