Evaluating Side-Channel Vulnerabilities

By Bart Stevens and Gary Kenworthy In a book chapter titled “Security of Crypto IP Core: Issues and Countermeasures,” authors Debapriya Basu Roy and Debdeep Mukhopadhyay recently explored various side-channel vulnerabilities that can be exploited by an attacker. “An adversary can observe the power consumption, timing performance, electromagnetic radiation or even acoustic behavior o... » read more

Imperfect Silicon, Near-Perfect Security

Some chipmakers, under pressure to add security to rapidly growing numbers of IoT devices, have rediscovered a "fingerprinting" technique used primarily as an anti-counterfeiting measure. [getkc id="227" kc_name="Physically unclonable functions"] (PUFs) are used to assign a unique identification number based on inconsistencies in the speed with which current causes a series of logic gates to... » read more

Bypassing Encryption With Side-Channel Attacks

Devices and systems that implement robust encryption/decryption algorithms using cryptographic keys were historically considered secure. Nevertheless, there is a category of attacks that simply ignore the mathematic properties of a cryptographic system – and instead focuses on its physical implementation in hardware. This vector is known as side-channel attacks, which are commonly referred... » read more

Protecting Electronic Systems From Side-Channel Attacks

During the early days of safecracking, rudimentary rotary locks were compromised by feel or sound to determine the correct combination. Following in this tradition, malicious actors are now exploiting side-channel attacks (SCA) to compromise cryptographic systems. To be sure, all physical electronic systems routinely leak information about the internal process of computing via fluctuating level... » read more

Thwarting Side-Channel Attacks With DPA-Protected Software Libraries

All physical electronic systems routinely leak information about the internal process of computing via fluctuating levels of power consumption and electro-magnetic emissions. Much like the early days of safecracking, electronic side-channel attacks (SCA) eschew a brute force approach to extracting keys and other secret information from a device or system. Moreover, SCA conducted against elec... » read more

Putting A Hardware Root-of-Trust To Work In An Anti-Counterfeiting IC

An anti-counterfeiting security IC is conceptually rather simple: during manufacture, it is securely programmed with some secret data. Then during operation, it can prove to a verifying host that it knows that secret data. This “proof of knowledge” is often all that can be expected of a low-cost security IC. This prove-you-know-the-secret authentication process between the security IC an... » read more

The Evolution Of Side-Channel Attacks

A side-channel attack can perhaps best be defined as any attack based on information gained from the physical implementation of a cryptosystem, rather than brute force or theoretical weaknesses in the algorithms. Put simply, all physical electronic systems routinely leak information about their internal process of computing via their power consumption or electromagnetic emanations. This mean... » read more

Side-Channel Attacks

There are many techniques available for hackers to gain access to a system and obtain secret keys or other proprietary information– from invasive methods, such as microprobing, to noninvasive methods, such as cryptoanalysis. However, one of the easiest and most effective ways to extract the contents of a chip is through a side-channel attack using power analysis. To read more, click here. » read more

Fixing Security Holes

Connected devices can do everything from save lives to improve the quality of life. They also destroy that quality or cause harm if these things or systems of things are not secure. Security is a complex multi-level problem. It spans the entire seven-layer OSI communication stack, as well as the software that is used to run, manage and operate hardware. And it needs to be dealt with from mul... » read more

IoT Security Risks Grow

Semiconductor Engineering sat down to discuss security issues with Asaf Shen, vice president of marketing for security IP in [getentity id="22186" comment="ARM"]'s Systems & Software Group; Timothy Dry, principal staff marketing manager for the Industrial IoT segment at GlobalFoundries; Chowdary Yanamadala, senior vice president of business development at [getentity id="22819" comment="Glob... » read more

← Older posts