Side channel attacks reportedly targeted Trusted Platform Modules

This entry was posted on Thursday, March 19th, 2015.

Security analysts reportedly explored how to extract private encryption keys from Trusted Platform Modules (TPMs) by “measuring electromagnetic signals emanating” from the chips.

“This is what cryptographers call differential power analysis, a sophisticated side-channel attack in which spies use sensors or other devices to study the power consumption of a chip while it encrypts and decrypts information to extract the keys from it,” writes Motherboard’s Lorenzo Franceschi-Bicchierai.


According to former Microsoft engineer Kenneth Ray, the above-mentioned research indicates sensors could be used to extract sensitive keys from a laptop.

“This is a tiny bit alarming because now you can attack a TPM without there being any evidence that you did so,” Ray told Motherboard.

As Ray notes, this would mark the first time that differential power analysis may have been used to extract keys from a TPM. Nevertheless, says Ray, this is “not surprising” since “all crypto hardware out there is vulnerable to side-band leakage of data that allows the inference of the protected private key.”

According to Paul Kocher, chief scientist of the Rambus Cryptography Research Division and the inventor who discovered the methodology behind side-channel attacks, the threat of DPA-based side-channel attacks is real and only increases as time goes by.

As such, Kocher called on chip manufacturers to “step up to the plate and provide consumers with adequate protection against side-channel attacks.”
