Aurelien T. Mozipo,John M. Acken

DOI: https://doi.org/10.1109/tdsc.2024.3370711

2024-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Countermeasures and deterrents to power side-channel attacks targeting the alteration or scrambling of the power delivery network have been shown to be effective against local attacks where the malicious agent has physical access to the target system. However, remote attacks that capture the leaked information from within the IC power grid are shown herein to be nonetheless effective at uncovering the secret key in the presence of these countermeasures/deterrents. Theoretical studies and experimental analysis are carried out to define and quantify the impact of integrated voltage regulators, voltage noise injection, and integration of on-package decoupling capacitors for both remote and local attacks. An outcome yielded by the studies is that the use of an integrated voltage regulator as a countermeasure is effective for a local attack. However, remote attacks are still effective and hence break the integrated voltage regulator countermeasure. From the experimental analysis, it is observed that within the range of designs' practical values, the adoption of on-package decoupling capacitors provides only a 1.3x increase in the minimum number of traces required to discover the secret key. However, the injection of noise in the IC power delivery network yields a 37x increase in the minimum number of traces to discover. Thus, increasing the number of on-package decoupling capacitors or the impedance between locally measured power and the IC power grid should not be relied on as countermeasures to power side-channel attacks, for remote attack schemes. Noise injection should be considered as it is more effective at scrambling the leaked signal to eliminate sensitive identifying information.

computer science, information systems, software engineering, hardware & architecture

Qian Lei,Liji Wu,Shaohui Zhang,Xiangmin Zhang,Xiangyu Li,Liyang Pan,Zhimeng Dong

DOI: https://doi.org/10.1109/cis.2015.102

2015-01-01

Abstract:Side-channel analysis is becoming a major threat to the security chips of smart cards, including power analysis, electromagnetic analysis and fault injection. Based on software hardware co-design, we implemented a side-channel analysis platform covering CPA/DPA/TA/CA methods, which could effectively reveal the secret keys on security chips. Our work integrates power analysis, electromagnetic analysis and fault injection into single platform, which contains regular international cryptographic algorithm of AES/3DES/ RSA/ECC and China standard cryptographic algorithm of SM2/SM3/SM4. And a novel UML model for software implementation is proposed. Six smart card products with countermeasures have been analyzed on our platform, and all keys have been revealed successfully. Particularly, the key of a contactless smart card product was revealed by 350,000 power traces, and compared to the foreign report out of 1,000,000 power traces, we have about 65% increase on efficiency of revealing keys.

Deevi Radha Rani,S. Venkateswarlu,Venkata Naresh Mandhala,Tai-hoon Kim

DOI: https://doi.org/10.14257/ijsia.2015.9.6.02

2015-01-01

International Journal of Security and Its Applications

Abstract:Power Analysis Attack is a type of side-channel attack that uses power consumption of a cryptographic device to reveal the sensitive information. Power Analysis Attack is causing a serious threat to the embedded systems like smart cards. So there is a need to secure embedded systems from power analysis attack. In this paper, various methods of power analysis attack are addressed. The power analysis attack experimental setup using SASEBO-W is depicted and the various countermeasures are proposed. Performance comparison of counter measures are analyzed and tabulated.

Xiangyu Li,Chaoqun Yang,Jiangsha Ma,Yongchang Liu,Shujuan Yin

DOI: https://doi.org/10.1109/tvlsi.2017.2752212

2017-01-01

IEEE Transactions on Very Large Scale Integration (VLSI) Systems

Abstract:Energy-efficient countermeasures to side-channel attacks are required for Internet of Things hardware. This paper proposes a special hiding technique for the substitution operation in block ciphers, which equalizes the power consumption of a circuit by appropriate feedforward compensation and is called power-aware hiding (PAH). A hybrid application configuration, in which PAH is applied to the S-boxes while the left linear operations are protected with a general masking method, is proposed as well. This solution not only has higher energy efficiency but can also be implemented automatically in a semicustom manner. The Advanced Encryption Standard VLSI adopting this solution was implemented and manufactured in 180-nm technology as a demonstration. The implementation issues regarding the countermeasures are discussed in this paper. Testing shows that the chip has a throughput up to 1.175 Gb/s with 18.1-mW power consumption and its number of measurements to disclosure is 13.4 million.

Andreas Gornik,Amir Moradi,Jurgen Oehm,Christof Paar

DOI: https://doi.org/10.1109/tcad.2015.2423274

2015-08-01

Abstract:Side-channel attacks are one of the major concerns for security-enabled applications as they make use of information leaked by the physical implementation of the underlying cryptographic algorithm. Hence, reducing the side-channel leakage of the circuits realizing the cryptographic primitives is amongst the main goals of circuit designers. In this paper, we present a novel circuit concept, which decouples the main power supply from an internal power supply that is used to drive a single logic gate. The decoupling is done with the help of buffering capacitances integrated into semiconductor. We also introduce—compared to the previously known schemes—an improved decoupling circuit which reduces the crosstalk from the internal to the external power supply. The result of practical side-channel evaluation on a prototype chip fabricated in a 150nm CMOS technology shows a high potential of our proposed technique to reduce the side-channel leakages.

engineering, electrical & electronic,computer science, interdisciplinary applications, hardware & architecture

Pouya Narimani,Meng Wang,Ulysse Planta,Ali Abbasi

2024-10-15

Abstract:Power side-channel (PSC) attacks are widely used in embedded microcontrollers, particularly in cryptographic applications, to extract sensitive information. However, expanding the applications of PSC attacks to broader security contexts in the embedded systems domain faces significant challenges. These include the need for specialized hardware setups to manage high noise levels in real-world targets and assumptions regarding the attacker's knowledge and capabilities. This paper systematically analyzes these challenges and introduces a novel signal-processing method that addresses key limitations, enabling effective PSC attacks in real-world embedded systems without requiring hardware modifications. We validate the proposed approach through experiments on real-world black-box embedded devices, verifying its potential to expand its usage in various embedded systems security applications beyond traditional cryptographic applications.

Cryptography and Security

Shenghua Chen,Wei Ge,Jinjiang Yang,Bo Liu,Jun Yang

DOI: https://doi.org/10.1109/trustcom/bigdatase.2018.00206

2018-01-01

Abstract:Side-channel Attack, such as simple power analysis and differential power analysis (DPA), is an efficient method to gather the key, which challenges the security of crypto chips. Side-channel Attack logs the power trace of the crypto chip and speculate the key by statistical analysis. To reduce the threat of power analysis attack, an innovative method based on random execution is proposed in this paper. In order to enhance ability against DPA, the method disorders the correspondence between power trace and operands by scrambling the data execution sequence randomly and dynamically. Experiments and verification are done on the Sakura-G FPGA platform. The results show that the key is not reveal after even 1 million power traces by adopting proposed method and only 1.12% slices overhead is introduced. Compared to unprotected chip, it increases more than 140× measure to disclosure.

Jianlei Yang,Chenguang Wang,Yici Cai,Qiang Zhou

DOI: https://doi.org/10.1109/fpt.2014.7082770

2014-01-01

Abstract:Side Channel Attack (SCA) aims to extract the secret information from cryptography chips by analyzing the leakage of physical parameters. Power analysis based SCA is a popular approach to obtain secret keys by monitoring the power consumption of cryptography chips. However, most SCA evaluation methods are performed on FPGA platforms while many parasitic physical effects cannot be revealed before the cryptography chips are taped out. Roughly ignoring these effects will significantly increase the attack difficulties due to the corresponding measurement noise. Power supply noise has been observed to be critical for power analysis based SCA. This paper demonstrates a power supply noise aware evaluation framework for practical side channel attack from cryptography system design to physical design. On-chip power delivery network is implemented among physical design stage. Consequently the supply noise of power network can be explored according to the post-layout implementation. Additionally, the countermeasures of cryptography chips could be enhanced by on-chip decapacitors placement due to its influences on the characteristics of power delivery network.

Hasindu Gamaarachchi,Harsha Ganegoda

DOI: https://doi.org/10.48550/arXiv.1801.00932

2018-01-03

Abstract:Power analysis is a branch of side channel attacks where power consumption data is used as the side channel to attack the system. First using a device like an oscilloscope power traces are collected when the cryptographic device is doing the cryptographic operation. Then those traces are statistically analysed using methods such as Correlation Power Analysis (CPA) to derive the secret key of the system. Being possible to break Advanced Encryption Standard (AES) in few minutes, power analysis attacks have become a serious security issue for cryptographic devices such as smart card. As the first phase of our project, we build a testbed for doing research on power analysis attacks. As power analysis is a practical type of attack in order to do any research, a testbed is the first requirement. Since building a test bed is a complicated process, having a pre-built testbed would save the time of future researchers. The second phase of our project is to attack the latest cryptographic algorithm called Speck which has been released by National Security Agency (NSA) for use in embedded systems. In spite it has lot of differences to AES making impossible to directly use the power analysis approach used for AES, we introduce novel approaches to break Speck in less than an hour. In the third phase of the project, we select few already introduced countermeasures and practically attack them on our testbed to do a comparative analysis. We show that software countermeasures such as random instruction injection and randomly shuffling S-boxes are good enough for their simplicity and cost. But we identify the possible threat due to the problem of generating a good seed for the pseudo-random algorithm running on the microcontroller. We attempt to address this issue by using a hardware-based true random generator that amplifies a random electrical signal and samples to generate a proper seed.

Cryptography and Security

Wei Sun,Jun-Rong Liu,Da-Wu Gu,Zheng Guo,Jun Xie,Bo Ma

2015-01-01

Abstract:Nowadays, cryptographic circuits have been widely used in many fields such as finance, transportation and government business. Such devices have software and hardware implementations, as they both have certain weakness and constraints. In this paper, we research on both software and hardware cryptographic circuits based on the side channel technology. By using different power leakage models, we can point out the weakness operations of a cryptographic circuit that leaks secret information. Furthermore, we research on the differences between software and hardware implementations of SM3-HMAC, and propose power analysis methods respectively.

Qi Chen,Dongyan Zhao,Liang Liu,Xuesong Yan,Yidong Yuan,Xige Zhang,Hongmei Wu,Zhe Wang

DOI: https://doi.org/10.1016/j.csi.2021.103569

IF: 3.721

2022-01-01

Computer Standards & Interfaces

Abstract:Side-channel attacks (SCAs) have become a significant threat nowadays to cryptographic devices, especially central processing units (CPUs). Based on the implementation of AES-128, the side-channel information leakage analysis is carried out in a 32-bit CPU microarchitecture in this work. Correlation power analysis (CPA) results show that it is obvious to reveal the secret key by using only 30 power traces based on the net-list simulation. Three flexibly configurable hardware-based countermeasures are proposed to prevent information leakage in the arithmetic and logic unit (ALU), register file (RF) and load/store unit (LSU), respectively, which are the most sensitive components according to our analysis. The proposed countermeasures have different protection effects on the CPU since the required trace number to reveal the secret key has increased from 30 to 100 similar to 120,000. Moreover, the anti-attack capability of the CPU is improved by 4000 times using the three countermeasures simultaneously. The proposed countermeasures can be freely combined while considering the CPU security and implementation overhead. In practice, the anti-attack capability of the CPU can be further improved when the proposed countermeasures are implemented in real-world measurements, because additional noise will be introduced during the measurements.

Haocheng Ma,Qizhi Zhang,Ya Gao,Jiaji He,Yiqiang Zhao,Yier Jint

DOI: https://doi.org/10.1145/3489517.3530413

2022-01-01

Abstract:Side-channel analysis (SCA) attacks show an enormous threat to cryptographic integrated circuits (ICs). To address this threat, designers try to adopt various countermeasures during the IC development process. However, many existing solutions are costly in terms of area, power and/or performance, and may require full-custom circuit design for proper implementations. In this paper, we propose a tool, namely PATHFINDER, to automatically identify leaky paths and protect the design, and is compatible with the commercial design flow. The tool first finds out partial logic cells that leak the most information through dynamic correlation analysis. PATHFINDER then exploits static security checking to construct complete leaky paths based on these cells. After leaky paths are identified, PATHFINDER will leverage proper hardware countermeasures, including Boolean masking and random precharge, to eliminate information leakage from these paths. The effectiveness of PATHFINDER is validated both through simulation and physical measurements on FPGA implementations. Results demonstrate more than 1000x improvements on side-channel resistance, with less than 6.53 % penalty to the power, area and performance.

Lin Yan,Yao Guo,Xiangqun Chen,Hong Mei

DOI: https://doi.org/10.1145/2875913.2875934

2015-01-01

Abstract:Power side channel is a very important category of side channels, which can be exploited to steal confidential information from a computing system by analyzing its power consumption. In this paper, we demonstrate the existence of various power side channels on popular mobile devices such as smartphones. Based on unprivileged power consumption traces, we present a list of real-world attacks that can be initiated to identify running apps, infer sensitive UIs, guess password lengths, and estimate geo-locations. These attack examples demonstrate that power consumption traces can be used as a practical side channel to gain various confidential information of mobile apps running on smartphones. Based on these power side channels, we discuss possible exploitations and present a general approach to exploit a power side channel on an Android smartphone, which demonstrates that power side channels pose imminent threats to the security and privacy of mobile users. We also discuss possible countermeasures to mitigate the threats of power side channels.

LIU Peng,WEI Lian-feng

DOI: https://doi.org/10.16208/j.issn1000-7024.2008.10.006

2008-01-01

Abstract:To be more secure,crypto-chips should be protected against simple power analysis attack and differential power analysis attack.Three technologies of differential power analysis are described and the performance of them is compared.To counter power analysis software and hardware level solutions are developed,but none of them achieved a total prevention of such attacks.The combi-nation of software and hardware is higher-efficiency in countermeasures to power analysis.Finally research directions are discussed.

Edwin H-M Sha

2010-01-01

Journal of Computer Research and Development

Abstract:Power analysis attack has become one of the most serious threats to break embedded security chips.It can crack security chips much faster than exhaustive search methods.It is a new attack method of secret key.Power analysis attack and its defense have attracted much attention in recent years.First studied in this paper are the power models that can be used for power analysis attacks and defense.It is pointed out that the high-performance and general-purpose model of power analysis attacks remains a very important research in the current.Then the authors discuss various types of power analysis attack and defense techniques,beginning from simple power analysis attack,differential power analysis attack to high-order power analysis attack.The success rate of a high-order power analysis attack is higher than that of the others,but its time and complexity of calculating are higher.Defense techniques on the algorithm level and circuit-level are also presented.Algorithm level is flexible to achieve,easy to transplant,and the realization of circuit-level is difficult,but it can gain better defense.Through the discussion and comparison,this paper can help researchers design a proper solution to defend against various power analysis attacks for their particular embedded security chips,and they can also gain useful information about power analysis attacks.Finally,the future research direction on power analysis attack and defense is presented.

Renfa Li

2009-01-01

Computer Science

Abstract:Power analysis attack has become a great threat to security SoC Chips.It has shown to be one of the most eff-ective techniques to discover secret keys.Power analysis attack and its resistant have attracted much study.The paper reviewed various types of power analysis attacks resisted techniques,including algorithm level and circuit-level.The important research results on resisting power analysis attacks were summarized with comments.Power analysis attacks resistant of experimental methods summarized,the proper experimental methods were proposed.In the last,the paper presented the future research directions.

Saleh Khalaj Monfared,Tahoura Mosavirik,Shahin Tajik

DOI: https://doi.org/10.48550/arXiv.2310.07014

2023-05-08

Cryptography and Security

Abstract:The threat of physical side-channel attacks and their countermeasures is a widely researched field. Most physical side-channel attacks rely on the unavoidable influence of computation or storage on voltage or current fluctuations. Such data-dependent influence can be exploited by, for instance, power or electromagnetic analysis. In this work, we introduce a novel non-invasive physical side-channel attack, which exploits the data-dependent changes in the impedance of the chip. Our attack relies on the fact that the temporarily stored contents in registers alter the physical characteristics of the circuit, which results in changes in the die's impedance. To sense such impedance variations, we deploy a well-known RF/microwave method called scattering parameter analysis, in which we inject sine wave signals with high frequencies into the system's power distribution network (PDN) and measure the echo of the signals. We demonstrate that according to the content bits and physical location of a register, the reflected signal is modulated differently at various frequency points enabling the simultaneous and independent probing of individual registers. Such side-channel leakage violates the $t$-probing security model assumption used in masking, which is a prominent side-channel countermeasure. To validate our claims, we mount non-profiled and profiled impedance analysis attacks on hardware implementations of unprotected and high-order masked AES. We show that in the case of profiled attack, only a single trace is required to recover the secret key. Finally, we discuss how a specific class of hiding countermeasures might be effective against impedance leakage.

Md Sadik Awal,Buddhipriya Gayanath,Md Tauhidur Rahman

2024-10-01

Abstract:Physical side channels emerge from the relation between internal computation or data with observable physical parameters of a chip. Previous works mostly focus on properties related to current consumption such as power consumption. The fundamental property behind current consumption occur from the impedance of the chip. Contemporary works have stared using chip impedance as a physical side channel in extracting sensitive information from computing systems. It leverages variations in intrinsic impedance of a chip across different logic states. However, there has been a lack of comparative studies. In this study, we conduct a comparative analysis of the impedance side channel, which has been limitedly explored, and the well-established power side channel. Through experimental evaluation, we investigate the efficacy of these side channels in extracting stored advanced encryption standard (AES) cryptographic key on a memory and analyze their performance. Our findings indicate that impedance analysis demonstrates a higher potential for cryptographic key extraction compared to power side-channel analysis (SCA). Moreover, we identify scenarios where power SCA does not yield satisfactory results, whereas impedance analysis proves to be more robust and effective. This work not only underscores the significance of impedance SCA in enhancing cryptographic security but also emphasizes the necessity for a deeper understanding of its mechanisms and implications.

Cryptography and Security,Information Retrieval

Robert Dumitru,Thorben Moos,Andrew Wabnitz,Yuval Yarom

2024-12-06

Abstract:In recent years a new class of side-channel attacks has emerged. Instead of targeting device emissions during dynamic computation, adversaries now frequently exploit the leakage or response behaviour of integrated circuits in a static state. Members of this class include Static Power Side-Channel Analysis (SCA), Laser Logic State Imaging (LLSI) and Impedance Analysis (IA). Despite relying on different physical phenomena, they all enable the extraction of sensitive information from circuits in a static state with high accuracy and low noise -- a trait that poses a significant threat to many established side-channel countermeasures. In this work, we point out the shortcomings of existing solutions and derive a simple yet effective countermeasure. We observe that in order to realise their full potential, static side-channel attacks require the targeted data to remain unchanged for a certain amount of time. For some cryptographic secrets this happens naturally, for others it requires stopping the target circuit's clock. Our proposal, called Borrowed Time, hinders an attacker's ability to leverage such idle conditions, even if full control over the global clock signal is obtained. For that, by design, key-dependent data may only be present in unprotected temporary storage when strictly needed. Borrowed Time then continuously monitors the target circuit and upon detecting an idle state, securely wipes sensitive contents. We demonstrate the need for our countermeasure and its effectiveness by mounting practical static power SCA attacks against cryptographic systems on FPGAs, with and without Borrowed Time. In one case we attack a masked implementation and show that it is only protected with our countermeasure in place. Furthermore we demonstrate that secure on-demand wiping of sensitive data works as intended, affirming the theory that the technique also effectively hinders LLSI and IA.

Cryptography and Security

Jitendra Bhandari,Mohammed Nabeel,Likhitha Mankali,Ozgur Sinanoglu,Ramesh Karri,Johann Knechtel

2024-07-21

Abstract:This paper presents a novel defense strategy against static power side-channel attacks (PSCAs), a critical threat to cryptographic security. Our method is based on (1) carefully tuning high-Vth versus low-Vth cell selection during synthesis, accounting for both security and timing impact, and (2), at runtime, randomly switching the operation between these cells. This approach serves to significantly obscure static power patterns, which are at the heart of static PSCAs. Our experimental results on a commercial 28nm node show a drastic increase in the effort required for a successful attack, namely up to 96 times more traces. When compared to prior countermeasures, ours incurs little cost, making it a lightweight defense.

Cryptography and Security