Electronic – make power consumption analysis much harder by temporarily disconnecting the power supply

Tags: power-consumption, security, usb device

I am thinking about building a dongle that acts as a USB or PS/2 keyboard device and is capable of doing some cryptographic things for me, e.g. provide time-based authentication codes, store passwords and things like that. However, I would like to make this thing at least a little bit secure against power consumption analysis attacks.

One thing I have in mind is to put a small capacitor on the board and have two microcontrollers; microcontroller A talks to the computer and the user, microcontroller B does the crypto. When A requests a computation using a secret key, B would make sure that it has enough power in the capacitor and then disconnect itself from A using transistors before performing the actual computation.

Does this sound like a good idea? In other words, is it likely that this will make power consumption attacks much harder without significantly degrading the usability?

Edit: I'm assuming that the opponent is inside the PC but can't get hold of the board.

Best Answer

If you're not using custom silicon, I don't see any way to achieve really good security against power monitoring without adding some sort of battery (which you may want anyway for time-keeping) that's mounted in such a way that one cannot get access to the electronics without breaking the battery connection (the board would have to receive its crypto keys after the battery is installed, and removing the battery would erase them).

Once the board is protected in such fashion, there are many ways of guarding against power-supply monitoring. A simple approach might be to wire in series with the supply a PFET with source and drain "reversed" so that when the gate is high or floating it will behave as a diode. Driving the gate low momentarily, before a cryptographic computation, would then cause VDD to rise by a diode drop; if one raises the gate, the micro would be powered by the bypass and filter caps until their voltage dropped by 0.5 volts or so. External monitoring could ascertain the total current consumed by a computation, but that would likely not be meaningful.
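To make the reservoir-and-diode scheme in the answer concrete, here is a small Python model of what a probe on the host supply rail would observe, with and without the isolation. It is an added example written for this page, not code from the question or the answer. The 5 V rail, the 0.5 V diode drop, the capacitance values, the 1 µs step time and the bit-dependent per-step current model are all assumptions chosen for illustration; ESR, leakage and the micro's own regulation are ignored.

```python
"""Toy model of the reservoir-capacitor / series-diode scheme from the answer.

Constructed example for this page, not code from the question or answer.
All values (5 V rail, 0.5 V diode drop, capacitance, per-step currents, the
bit-dependent current model) are assumptions; ESR, leakage and the micro's
own regulation are ignored.
"""
from dataclasses import dataclass, field

V_SUPPLY = 5.0   # host USB rail, volts (assumed)
V_DIODE = 0.5    # drop across the reversed PFET acting as a diode (answer: "0.5 volts or so")


def currents_for_bits(bits, i_base_a=0.020, i_extra_a=0.005):
    """Constructed data-dependent load: each step draws a little more when its
    secret bit is 1.  This per-step difference is what a probe on the supply
    rail could correlate with the key if nothing hides it."""
    return [i_base_a + i_extra_a * b for b in bits]


@dataclass
class TraceResult:
    external: list = field(default_factory=list)  # current seen on the host rail, per step
    hidden_steps: int = 0            # steps supplied by the reservoir alone
    total_charge_c: float = 0.0      # charge the whole computation consumed
    recharge_charge_c: float = 0.0   # lump of charge the host sees when the gate is pulsed low again


def simulate(step_currents_a, dt_s, capacitance_f, isolated=True):
    """Return what a probe on the host 5 V line observes for one computation.

    Without isolation every step's current flows straight from the host.
    With isolation the gate was pulsed low just before the computation, so the
    reservoir sits at the full rail and the diode is reverse-biased; the micro
    runs from the capacitor until the rail has drooped by V_DIODE, after which
    the diode conducts and any remaining steps become visible again.
    """
    result = TraceResult(total_charge_c=sum(i * dt_s for i in step_currents_a))
    if not isolated:
        result.external = list(step_currents_a)
        return result
    v_rail = V_SUPPLY
    for i_step in step_currents_a:
        if v_rail > V_SUPPLY - V_DIODE:
            v_rail -= i_step * dt_s / capacitance_f   # reservoir discharges: Q = I*dt, dV = Q/C
            result.external.append(0.0)
            result.hidden_steps += 1
        else:
            result.external.append(i_step)            # budget spent; host supplies the step directly
    # Refilling the reservoir afterwards is the one thing the host can see: total charge only.
    result.recharge_charge_c = capacitance_f * (V_SUPPLY - v_rail)
    return result


def hold_time_s(capacitance_f, i_worst_a):
    """Longest computation the reservoir can hide at worst-case current: t = C * dV / I."""
    return capacitance_f * V_DIODE / i_worst_a


if __name__ == "__main__":
    key_bits = [1, 0] * 15                         # constructed secret, 30 steps
    currents = currents_for_bits(key_bits)
    dt = 1e-6                                      # 1 us per step (assumed)
    for cap in (100e-6, 1e-6):
        r = simulate(currents, dt, cap)
        visible = sum(1 for i in r.external if i > 0)
        print(f"C={cap*1e6:.0f} uF: {r.hidden_steps} steps hidden, {visible} visible on the host rail, "
              f"recharge lump {r.recharge_charge_c*1e9:.0f} nC of {r.total_charge_c*1e9:.0f} nC total")
    print(f"100 uF hides up to {hold_time_s(100e-6, max(currents))*1e3:.1f} ms at worst-case draw")
```

The two capacitor values show the design check that matters: with 100 µF the whole computation runs from the reservoir and the host only sees one recharge lump equal to the total charge, whereas with 1 µF the budget runs out after the 23rd step and the tail of the computation is exposed again, so the reservoir has to be sized from `hold_time_s` against the longest computation at worst-case current.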