What is the process and related testing standards for DPA testing?

Date：2023-07-12 15:15:21 Views：591

DPA (Differential Power Analysis) is an attack method based on power analysis, which can infer important information such as the encryption algorithm key of the target device by analyzing its power waveform. In order to protect the safety and reliability of the equipment, it is necessary to conduct DPA testing. This article will introduce the process of DPA testing and related testing standards.

The DPA testing process typically includes the following steps:

1. Prepare testing equipment and environment. The testing equipment includes power consumption analyzers, oscilloscopes, signal generators, etc. The testing environment needs to be stable and reliable to ensure the accuracy of the test results.

2. Collect power consumption data. After the test equipment and testing environment are ready, it is necessary to collect power consumption data for the target device. During this process, various operations need to be performed on the target device, such as encryption, decryption, signature, etc., in order to collect power consumption waveform data under different operations.

3. Preprocess power consumption data. The collected power consumption data needs to be preprocessed, such as denoising, filtering, etc., to ensure the accuracy and reliability of the data.

4. Conduct power consumption analysis. After preprocessing the power consumption data, it is necessary to perform power analysis to infer important information such as the encryption algorithm key of the target device. This process usually requires the use of professional power analysis software, such as CWAnalyzer.

5. Validation of analysis results. After completing the power consumption analysis, it is necessary to verify the analysis results to ensure their accuracy and reliability. This process usually requires multiple tests on the target device, and comparison and analysis of the test results.

Common DPA testing standards:

1. Common Criteria (CC) standard. CC standard is an international certification standard used to evaluate and certify the security of information technology products. The CC standard requires DPA testing of the target device and evaluation and certification of the test results.

2. EMVCo standard. The EMVCo standard is a payment card industry standard that requires devices such as payment cards and POS terminals to have certain security capabilities, including resistance to attacks such as DPA. The EMVCo standard requires DPA testing of equipment and evaluation and certification of test results.

3. ISO/IEC standards. The ISO/IEC standard is an international standard used to evaluate and certify the security of information technology products. The ISO/IEC standard requires DPA testing of the target device and evaluation and certification of the test results.

The above is the relevant content of "DPA testing" brought about by this core detection. We hope it can be helpful to everyone, and we will bring more exciting content in the future. The company's testing services cover various testing projects, including electronic component testing and verification, IC authenticity identification, product design and material selection, failure analysis, functional testing, factory incoming material inspection, and tape weaving. Welcome to call Chuangxin Testing, we will be happy to serve you.