author        = {Michael Hutter and Mario Kirschbaum and Thomas Plos and J\"orn-Marc Schmidt and Stefan Mangard},
  title         = {Exploiting the Difference of Side-Channel Leakages},
  booktitle     = {Constructive Side-Channel Analysis and Secure Design -- COSADE 2012, 3rd International Workshop, Darmstadt, Germany, May 3-4},
  year          = {2012},
  editor        = {Werner Schindler and Sorin A. Huss},
  volume        = {7275},
  series        = {Lecture Notes in Computer Science},
  pages         = {1--16},
  publisher     = {Springer},
  doi           = {10.1007/978-3-642-29912-4_1},
  isbn          = {978-3-642-29911-7},
  keywords      = {Side-Channel Attacks, Power Analysis, Measurement Setup, DPA, SPA},
  url           = {http://dx.doi.org/10.1007/978-3-642-29912-4_1},  
  abstract      = {Radio-frequency identification (RFID) technology is the enabler for applications like the future internet of things (IoT), where security plays an important role. When integrating security to RFID tags, not only the cryptographic algorithms need to be secure but also their implementation. In this work we present differential power analysis (DPA) and differential electromagnetic analysis (DEMA) attacks on a security-enabled RFID tag. The attacks are conducted on both an ASIC-chip version and on an FPGA-prototype version of the tag. The design of the ASIC version equals that of commercial RFID tags and has analog and digital part integrated on a single chip. Target of the attacks is an implementation of the Advanced Encryption Standard (AES) with 128-bit key length and DPA countermeasures. The countermeasures are shuffling of operations and insertion of dummy rounds. Our results illustrate that the effort for successfully attacking the ASIC chip in a real-world scenario is only 4.5 times higher than for the FPGA prototype in a laboratory environment. This let us come to the conclusion that the effort for attacking contactless devices like RFID tags is only slightly higher than that for contact-based devices. The results further underline that the design of countermeasures like the insertion of dummy rounds has to be done with great care, since the detection of patterns in power or electromagnetic traces can be used to significantly lower the attacking effort.}