Logic State Imaging From FA Techniques for Special Applications to One of the Most Powerful Hardware Security Side-Channel Threats

Side-channel power analysis is a powerful method of breaking secure cryptographic algorithms, but typically power analysis is considered to require specialized measurement equipment on or near the device. Assuming an attacker first gained the ability to run code on the unsecure side of a device, they could trigger encryptions and use the on-board ADC to capture power traces of that hardware encryption engine.This is demonstrated on a SAML11 which contains a M23 core with a TrustZone-M implementation as the hardware security barrier. This attack requires 160 × 106 traces, or approximately 5 GByte of data. This attack does not use any external measurement equipment, entirely performing the power analysis using the ADC on-board the microcontroller under attack. The attack is demonstrated to work both from the non-secure and secure environment on the chip, being a demonstration of a cross-domain power analysis attack.To understand the effect of noise and sample rate reduction, an attack is mounted on the SAML11 hardware AES peripheral using classic external equipment, and results are compared for various sample rates and hardware setups. A discussion on how users of this device can help prevent such remote attacks is also presented, along with metrics that can be used in evaluating other devices. Complete copies of all recorded power traces and scripts used by the authors are publicly presented.

Download Full-text

Hardware security: side-channel attacks and hardware Trojans

Information Security: Foundations, Technologies and Applications ◽

10.1049/pbse001e_ch9 ◽

2018 ◽

pp. 191-214

Keyword(s):

Hardware Security ◽

Side Channel ◽

Side Channel Attacks ◽

Hardware Trojans

Download Full-text

Hardware Primitives-Based Security Protocols for the Internet of Things

Cryptographic Security Solutions for the Internet of Things - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-5225-5742-5.ch005 ◽

2019 ◽

pp. 117-141 ◽

Cited By ~ 6

Author(s):

Muhammad Naveed Aman ◽

Kee Chaing Chua ◽

Biplab Sikdar

Keyword(s):

Low Cost ◽

Security Analysis ◽

Security Protocols ◽

Hardware Security ◽

Side Channel ◽

Data Provenance ◽

Side Channel Attacks ◽

Sensitive Data ◽

Physically Unclonable Functions ◽

Iot Devices

IoT is the enabling technology for a variety of new exciting services in a wide range of application areas including environmental monitoring, healthcare systems, energy management, transportation, and home and commercial automation. However, the low-cost and straightforward nature of IoT devices producing vast amounts of sensitive data raises many security concerns. Among the cyber threats, hardware-level threats are especially crucial for IoT systems. In particular, IoT devices are not physically protected and can easily be captured by an adversary to launch physical and side-channel attacks. This chapter introduces security protocols for IoT devices based on hardware security primitives called physically unclonable functions (PUFs). The protocols are discussed for the following major security principles: authentication and confidentiality, data provenance, and anonymity. The security analysis shows that security protocols based on hardware security primitives are not only secure against network-level threats but are also resilient against physical and side-channel attacks.

Download Full-text