Back to Search Start Over

On-Device Power Analysis Across Hardware Security Domains.

Authors :
Colin O’Flynn
Alex Dewar
Source :
Transactions on Cryptographic Hardware and Embedded Systems, Vol 2019, Iss 4 (2019)
Publication Year :
2019
Publisher :
Ruhr-Universität Bochum, 2019.

Abstract

Side-channel power analysis is a powerful method of breaking secure cryptographic algorithms, but typically power analysis is considered to require specialized measurement equipment on or near the device. Assuming an attacker first gained the ability to run code on the unsecure side of a device, they could trigger encryptions and use the on-board ADC to capture power traces of that hardware encryption engine. This is demonstrated on a SAML11 which contains a M23 core with a TrustZone-M implementation as the hardware security barrier. This attack requires 160 × 106 traces, or approximately 5 GByte of data. This attack does not use any external measurement equipment, entirely performing the power analysis using the ADC on-board the microcontroller under attack. The attack is demonstrated to work both from the non-secure and secure environment on the chip, being a demonstration of a cross-domain power analysis attack. To understand the effect of noise and sample rate reduction, an attack is mounted on the SAML11 hardware AES peripheral using classic external equipment, and results are compared for various sample rates and hardware setups. A discussion on how users of this device can help prevent such remote attacks is also presented, along with metrics that can be used in evaluating other devices. Complete copies of all recorded power traces and scripts used by the authors are publicly presented.

Details

Language :
English
ISSN :
25692925
Volume :
2019
Issue :
4
Database :
Directory of Open Access Journals
Journal :
Transactions on Cryptographic Hardware and Embedded Systems
Publication Type :
Academic Journal
Accession number :
edsdoj.25bef146ac20476fbef3edcf6afa0eed
Document Type :
article
Full Text :
https://doi.org/10.13154/tches.v2019.i4.126-153