Side-channel attack countermeasure based on power supply modulation

As the number of IoT devices grows exponentially every year, so do the security threats. Due to their mobility and their limited size, power and performance, these devices are particularly vulnerable to side-channel attacks, which exploit physical leakage from the device. In this paper, we modulate the power supply voltage to secure the devices against two types of side-channel attacks: differential and correlation power analysis attacks (DPA and CPA), which aim to reveal the cryptographic secret key, and attacks that process the leaked signal to obtain information about the activity inside the device (e.g. identifying the keystrokes when a password is typed). We perform both types of attacks on a low-cost microcontroller used in a variety of IoT devices and find the most effective voltage modulation for each of the targeted attacks. The proposed countermeasure is easy to implement and does not require re-designing the microcontroller, thereby avoiding the high costs of fabrication and testing. It is extremely effective against cryptographic attacks, as it increases the minimum number of traces required to disclose (MTD) by two orders of magnitude. For non-cryptographic attacks, the correlation coefficient between the leaked signal and the sensitive information is lowered by 33%.
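The abstract's two metrics, the correlation coefficient and the number of traces, are linked, and an evaluator can measure that link on simulated traces. The sketch below is an added example, not code or results from the paper: it assumes a Hamming-weight leakage model, Gaussian noise, and a supply modulation modelled as a random per-trace gain (`depth`, `noise_sd` and the function names are hypothetical), and it uses the Fisher z-transform sample-size estimate to show how a lower correlation raises the trace count.

```python
import math
import random

def pearson(xs, ys):
    """Pearson correlation coefficient of two equal-length sequences."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    return cov / math.sqrt(vx * vy)

def leakage_correlation(n_traces, depth, noise_sd=1.0, seed=7):
    """Correlation between simulated power samples and the known leakage model.

    Assumed toy model (not the paper's setup): each sample is
    gain * HW(value) + Gaussian noise, where the gain stands in for the
    modulated supply and is drawn uniformly from [1 - depth, 1 + depth]
    once per trace. depth = 0 is the unprotected device.
    """
    rng = random.Random(seed)  # fixed seed: constructed, repeatable data
    model, leak = [], []
    for _ in range(n_traces):
        hw = bin(rng.randrange(256)).count("1")  # Hamming weight of a byte
        gain = rng.uniform(1.0 - depth, 1.0 + depth)
        leak.append(gain * hw + rng.gauss(0.0, noise_sd))
        model.append(hw)
    return pearson(model, leak)

def traces_to_detect(rho, z=3.72):
    """Samples needed to tell rho apart from zero (Fisher z-transform).

    z = 3.72 is roughly the 0.9999 quantile of the standard normal.
    """
    return 3 + (z / math.atanh(rho)) ** 2

if __name__ == "__main__":
    for depth in (0.0, 0.25, 0.5):
        rho = leakage_correlation(20000, depth)
        print(f"depth={depth:.2f}  rho={rho:.3f}  "
              f"traces~{traces_to_detect(rho):.1f}")
```

The absolute numbers reflect only this toy model's noise level; the point is the direction and the nonlinearity, since the required trace count grows quickly as the modulation pushes the correlation toward zero.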