Skip to main content
Fachgebiete
Automobil + Motoren Bauwesen + Immobilien Business IT + Informatik Elektrotechnik + Elektronik Energie + Nachhaltigkeit Finance + Banking Management + Führung Marketing + Vertrieb Maschinenbau + Werkstoffe Versicherung + Risiko
DE
EN
Bücher
Zeitschriften
Themenseiten
Organisationspsychologie Projektmanagement Marketing Smart Manufacturing
Weitere Formate
Podcasts Webinare Technik Webinare Wirtschaft Kongresse Veranstaltungskalender Awards
Jetzt Einzelzugang starten
Zugang für Unternehmen
Referenzkunden
SLX-Digitalkonferenz: Zukunftswerkstatt 2024

Mehr Umsatz mit Top-Kontakten

Am 7. Mai erfahren Sie, wie Vertriebsteams Leadgenerierung, Leadnurturing und Leadstrategien effizient steuern können.
Erweiterte Suche
Anmelden
nach oben
Erschienen in:
Robust Profiling for DPA-Style Attacks Kapitel lesen Erstes Kapitel lesen

2015 | OriginalPaper | Buchkapitel

SoC It to EM: ElectroMagnetic Side-Channel Attacks on a Complex System-on-Chip

verfasst von : J. Longo, E. De Mulder, D. Page, M. Tunstall

Erschienen in: Cryptographic Hardware and Embedded Systems -- CHES 2015

Verlag: Springer Berlin Heidelberg

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config
loading …

Abstract

Increased complexity in modern embedded systems has presented various important challenges with regard to side-channel attacks. In particular, it is common to deploy SoC-based target devices with high clock frequencies in security-critical scenarios; understanding how such features align with techniques more often deployed against simpler devices is vital from both destructive (i.e., attack) and constructive (i.e., evaluation and/or countermeasure) perspectives. In this paper, we investigate electromagnetic-based leakage from three different means of executing cryptographic workloads (including the general purpose ARM core, an on-chip co-processor, and the NEON core) on the AM335x SoC. Our conclusion is that addressing challenges of the type above is feasible, and that key recovery attacks can be conducted with modest resources.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Jetzt informieren
Vorheriges Kapitel DPA, Bitslicing and Masking at 1 GHz
Nächstes Kapitel Finding the AES Bits in the Haystack: Reverse Engineering and SCA Using Voltage Contrast
Fußnoten
1
Note that by targeting NEON, we specifically aim to add detail to the premise introduced during the CHES 2014 rump session talk of Bernstein and Lange: see http://​cr.​yp.​to/​talks/​2014.​09.​25-2/​slides-dan+tanja-20140925-2-4x3.​pdf.
 
6
See http://​github.​com/​norx/​NORX. We stress our analysis should in no way be inferred as criticism of NORX within the context of CAESAR.
 
Literatur
1.
Aboulkassimi, D., Agoyan, M., Freund, L., Fournier, J.J.A., Robisson, B., Tria, A.: ElectroMagnetic Analysis (EMA) of software AES on Java mobile phones. In: Information Forensics and Security (WIFS), pp. 1–6 (2011)
2.
Aboulkassimi, D., Fournier, J.J.A., Freund, L., Robisson, B., Tria, A.: EMA as a physical method for extracting secret data from mobile phones. IJCSA 2(1), 16–25 (2013)MATH
3.
Agrawal, D., Archambeault, B., Rao, J.R., Rohatgi, P.: The EM side-channel(s). In: Kaliski, B.S., koç, Ç.K., Paar, C. (eds.) CHES. LNCS, pp. 29–45. Springer, Heidelberg (2003) CrossRef
4.
5.
Balasch, J., Gierlichs, B., Verdult, R., Batina, L., Verbauwhede, Ingrid: Power analysis of atmel cryptomemory – recovering keys from secure EEPROMs. In: Dunkelman, O. (ed.) CT-RSA 2012. LNCS, vol. 7178, pp. 19–34. Springer, Heidelberg (2012) CrossRef
6.
Becker, G.T., Cooper, J., DeMulder, E., Goodwill, G., Jaffe, J., Kenworthy, G., Kouzminov, T., Leiserson, A., Marson, M., Rohatgi, P., Saab, S.: Test vector leakage assessment (TVLA) methodology in practice. In: ICMC (2013)
7.
Becker, G.T., Kasper, M., Moradi, A., Paar, C.: Side-channel based watermarks for IP protection. In: COSADE, pp. 47–50 (2010)
8.
Bernstein, D.J., Schwabe, P.: NEON crypto. In: Prouff, E., Schaumont, P. (eds.) CHES 2012. LNCS, vol. 7428, pp. 320–339. Springer, Heidelberg (2012) CrossRef
9.
Câmara, D., Gouvêa, C.P.L., López, J., Dahab, R.: Fast software polynomial multiplication on ARM processors using the NEON engine. In: Cuzzocrea, A., Kittl, C., Simos, D.E., Weippl, E., Xu, Lida (eds.) CD-ARES Workshops 2013. LNCS, vol. 8128, pp. 137–154. Springer, Heidelberg (2013) CrossRef
10.
Charvet, X., Pelletier, H.: Improving the DPA attack using wavelet transform. In: NIST Physical Security Testing Workshop (2005)
11.
Chothia, T., Guha, A.: A statistical test for information leaks using continuous mutual information. In: CSF, pp. 177–190 (2011)
12.
Choudary, O., Kuhn, M.G.: Efficient template attacks. In: Francillon, A., Rohatgi, P. (eds.) CARDIS 2013. LNCS, vol. 8419, pp. 253–270. Springer, Heidelberg (2014)
13.
Choudary, O., Kuhn, M.G.: Template attacks on different devices. In: Prouff, E. (ed.) COSADE 2014. LNCS, vol. 8622, pp. 179–198. Springer, Heidelberg (2014)
14.
15.
Daubechies, I.: Ten Lectures on Wavelets. In: CBMS-NSF Regional Conference Series in Applied Mathematics. Society for Industrial and Applied Mathematics (1992)
16.
Debande, N., Souissi, Y., Aabid, M.A.E., Guilley, S., Danger, J.: Wavelet transform based pre-processing for side channel analysis. In: MICROW, pp. 32–38 (2012)
17.
18.
Donoho, D.L., Johnstone, I.M.: Ideal spatial adaptation by wavelet shrinkage. Biometrika 81(3), 425–455 (1994)MathSciNetCrossRef
19.
Du, D., Narasimhan, S., Chakraborty, R.S., Bhunia, S.: Self-referencing: a scalable side-channel approach for hardware trojan detection. In: Mangard, S., Standaert, F.-X. (eds.) CHES 2010. LNCS, vol. 6225, pp. 173–187. Springer, Heidelberg (2010) CrossRef
20.
Eisenbarth, T., Kasper, T., Moradi, A., Paar, C., Salmasizadeh, M., Shalmani, M.T.M.: On the power of power analysis in the real world: a complete break of the KeeLoq code hopping scheme. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 203–220. Springer, Heidelberg (2008) CrossRef
21.
Gandolfi, K., Mourtel, C., Olivier, F.: Electromagnetic analysis: concrete results. In: Koç, C.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, p. 251. Springer, Heidelberg (2001) CrossRef
22.
Genkin, D., Pachmanov, L., Pipman, I., Tromer, E.: Stealing keys from PCs by radio: cheap electromagnetic attacks on windowed exponentiation. Cryptology ePrint Archive, Report 2015/170 (2015). http://​eprint.​iacr.​org/​
23.
Goodwill, G., Jun, B., Jaffe, J., Rohatgi, P.: A testing methodology for side-channel resistance validation. In: NIST Non-Invasive Attack Testing Workshop (2011)
24.
Heinz, B., Heyszl, J., Stumpf, F.: Side-channel analysis of a high-throughput AES peripheral with countermeasures. In: ISIC, pp. 25–29 (2014)
25.
26.
Käsper, E., Schwabe, P.: Faster and timing-attack resistant AES-GCM. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 1–17. Springer, Heidelberg (2009) CrossRef
27.
Kasper, M., Kasper, T., Moradi, A., Paar, C.: Breaking KeeLoq in a flash: on extracting keys at lightning speed. In: Preneel, B. (ed.) AFRICACRYPT 2009. LNCS, vol. 5580, pp. 403–420. Springer, Heidelberg (2009) CrossRef
28.
Kocher, P.C., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, p. 388. Springer, Heidelberg (1999)
29.
Longo, J., De Mulder, E., Page, D., Tunstall, M.: SoC it to EM: electromagnetic side-channel attacks on a complex system-on-chip. Cryptology ePrint Archive, (2015). http://​eprint.​iacr.​org/​
30.
Mallat, S.G.: A theory for multiresolution signal decomposition : the wavelet representation. IEEE Trans. Pattern Anal. Mach. Intell. 11(7), 674–693 (1989)CrossRef
31.
Mangard, S., Oswald, E., Popp, T.: Power analysis attacks: Revealing the secrets of smart cards. Springer, US (2008)
32.
Mateos, E., Gebotys, C.H.: Side channel analysis using Giant Magneto-Resistive (GMR) sensors. In: COSADE, pp. 42–49 (2011)
33.
Medwed, M., Standaert, F.-X., Joux, A.: Towards super-exponential side-channel security with efficient leakage-resilient PRFs. In: Prouff, E., Schaumont, P. (eds.) CHES 2012. LNCS, vol. 7428, pp. 193–212. Springer, Heidelberg (2012) CrossRef
34.
Moradi, A., Barenghi, A., Kasper, T., Paar, C.: On the vulnerability of FPGA bitstream encryption against power analysis attacks: extracting keys from Xilinx Virtex-II FPGAs. In: CCS, pp. 111–124 (2011)
35.
Pellegrini, A., Bertacco, V., Austin, T.: Fault-based attack of RSA authentication. In: DATE, pp. 855–860 (2010)
36.
37.
Quisquater, J.-J., Samyde, D.: ElectroMagnetic Analysis (EMA): measures and counter-measures for smart cards. In: Attali, S., Jensen, T. (eds.) E-smart 2001. LNCS, vol. 2140, p. 200. Springer, Heidelberg (2001) CrossRef
38.
Rohatgi, P.: Electromagnetic attacks and countermeasures. In:Cryptographic Engineering, pp. 407–430. Springer, US (2009)
39.
Saab, S., Leiserson, A., Tunstall, M.: Efficient key extraction from the primary side of a switched-mode power supply. In: Cryptology ePrint Archive, Report 2015/512 (2015). http://​eprint.​iacr.​org/​
40.
41.
Strang, G., Fix, G.J.: An Analysis of the Finite Element Method. Automatic Computation, Prentice-Hall, Englewood Cliffs (1973)
42.
Uno, H., Endo, S., Hayashi, Y., Homma, N., Aoki, T.: Chosen-message electromagnetic analysis against cryptographic software on embedded OS. In: EMC (2014)
43.
Zajic, A., Prvulovic, M.: Experimental demonstration of electromagnetic information leakage from modern processor-memory systems. IEEE Trans. Electromagn. Compat. 56(4), 885–893 (2014)CrossRef
Metadaten
Titel
SoC It to EM: ElectroMagnetic Side-Channel Attacks on a Complex System-on-Chip
verfasst von
J. Longo
E. De Mulder
D. Page
M. Tunstall
Copyright-Jahr
2015
Verlag
Springer Berlin Heidelberg
Buch
Cryptographic Hardware and Embedded Systems -- CHES 2015

Print ISBN: 978-3-662-48323-7

Electronic ISBN: 978-3-662-48324-4

Copyright-Jahr: 2015

DOI
https://doi.org/10.1007/978-3-662-48324-4_31