Rambus Cryptography Research Fellow Pankaj Rohatgi recently penned an in-depth EDN article describing the methodology behind side-channel attacks.
The technique, says Rohatgi, relies on the fact that any physical realization of cryptography in hardware or software cannot be an “atomic black box” as assumed by the traditional mathematical proofs of security. Simply put, physical systems routinely leak information about the internal process of computing.
“Examples of [inevitable] ‘side-channel’ information include the time taken by a cryptographic operation, power consumption, EM and heat emissions of the cryptographic device while computing – all of which depend on the physical details of the implementation,” Rohatgi explained.
Meaning, a side-channel attacker could gather and exploit the above-mentioned data garnered from various systems and devices to recover secret cryptographic keys.
“The discovery of side-channel attacks in the mid-1990s with the initial focus on smartcards led to [the] myth that these attacks are applicable only to smartcards and other limited devices,” he continued. “However, over the past few years, this myth is being debunked as side-channel attacks have been demonstrated on a wide variety of large devices.”
In addition, security researchers have explored attacks against small hardware cores embedded within a large SoC (system on chip), such as an FPGA, set-top box chip, or mobile application processor.
“In this setting, the positioning of [an] EM probe on either the chip surface or on a bypass capacitor on the system board to localize the leakage signal is critical. But other than that, these SoCs can fall prey to the same differential power analysis attacks in as the smart-cards from the 1990s,” Rohatgi confirmed.
“Fortunately, solutions are available for large-system, SoC and hardware security modules (HSM) threats. The common criterion protection profiles for smartcards that require side-channel protections are already well established, as are EMVCo’s standards for payment cards and national and international standards for electronic passports and national ID cards. They can be applied to these other systems.”
As we’ve previously discussed on Rambus Press, DPA countermeasures developed by the company’s Cryptography Research Division offer a combination of software, hardware and protocol techniques specifically designed to protect tamper-resistant devices from side-channel attacks. These include leak reduction, incorporating randomness, generating amplitude and temporal noise, as well as executing protocol-level countermeasures.
Interested in learning more about how Rambus is helping to secure SoCs, devices and content? You can read more about our DPA countermeasures here, CryptoFireWall Cores here and CryptoManager platform here.