International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Paper: On-Device Power Analysis Across Hardware Security Domains.

Authors:
Colin O’Flynn , Dalhousie University
Alex Dewar , Dalhousie University
Download:
DOI: 10.13154/tches.v2019.i4.126-153
URL: https://tches.iacr.org/index.php/TCHES/article/view/8347
Search ePrint
Search Google
Presentation: Slides
Abstract: Side-channel power analysis is a powerful method of breaking secure cryptographic algorithms, but typically power analysis is considered to require specialized measurement equipment on or near the device. Assuming an attacker first gained the ability to run code on the unsecure side of a device, they could trigger encryptions and use the on-board ADC to capture power traces of that hardware encryption engine.This is demonstrated on a SAML11 which contains a M23 core with a TrustZone-M implementation as the hardware security barrier. This attack requires 160 × 106 traces, or approximately 5 GByte of data. This attack does not use any external measurement equipment, entirely performing the power analysis using the ADC on-board the microcontroller under attack. The attack is demonstrated to work both from the non-secure and secure environment on the chip, being a demonstration of a cross-domain power analysis attack.To understand the effect of noise and sample rate reduction, an attack is mounted on the SAML11 hardware AES peripheral using classic external equipment, and results are compared for various sample rates and hardware setups. A discussion on how users of this device can help prevent such remote attacks is also presented, along with metrics that can be used in evaluating other devices. Complete copies of all recorded power traces and scripts used by the authors are publicly presented.
Video from TCHES 2019
Video provided under Creative Commons / CC BY 3.0
BibTeX
@article{tches-2019-29848,
  title={On-Device Power Analysis Across Hardware Security Domains},
  journal={IACR Transactions on Cryptographic Hardware and Embedded Systems},
  publisher={Ruhr-Universität Bochum},
  volume={2019, Issue 4},
  pages={126-153},
  url={https://tches.iacr.org/index.php/TCHES/article/view/8347},
  doi={10.13154/tches.v2019.i4.126-153},
  author={Colin O’Flynn and Alex Dewar},
  year=2019
}