Finding the AES Bits in the Haystack: Reverse Engineering and SCA Using Voltage Contrast

Kison, Christian; Frinken, J.; Paar, Christof

doi:10.1007/978-3-662-48324-4_32

Cited by 7 publications

(6 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The end entities in an IoT system are billions of hardware devices, which could be RFID tags, sensor devices, barcodes, or 2D codes residing in personal area networks, home area networks, or industrial automation networks using quite different network protocols [Levis 2015]. There are a variety of existing methods of hardware attacks targeting these IoT end entities, including glitching [Korczyc and Krasniewski 2012], power analysis [Lerman et al 2014], UV attacks , microscopy [Stellari et al 2014], fault injection [Delvaux and Verbauwhede 2014], voltage contrast [Kison et al 2015], magnetic scan [Skorobogatov 2014], and reverse engineering ]. Most of the aforementioned attacks can also be categorized into side-channel attacks, which break the system security based on an extra source of information from hardware, such as power consumption, electromagnetic leaks, or even sound [Rostami et al 2014].…”

Section: Securitymentioning

confidence: 99%

Fundamental Challenges Toward Making the IoT a Reachable Reality

Xue

Nazarian

et al. 2017

ACM Trans. Des. Autom. Electron. Syst.

View full text Add to dashboard Cite

Constantly advancing integration capability is paving the way for the construction of the extremely large scale continuum of the Internet where entities or things from vastly varied domains are uniquely addressable and interacting seamlessly to form a giant networked system of systems known as the Internet-of-Things (IoT). In contrast to this visionary networked system paradigm, prior research efforts on the IoT are still very fragmented and confined to disjoint explorations of different applications, architecture, security, services, protocol, and economical domains, thus preventing design exploration and optimization from a unified and global perspective. In this context, this survey article first proposes a mathematical modeling framework that is rich in expressivity to capture IoT characteristics from a global perspective. It also sets forward a set of fundamental challenges in sensing, decentralized computation, robustness, energy efficiency, and hardware security based on the proposed modeling framework. Possible solutions are discussed to shed light on future development of the IoT system paradigm. . 2017. Fundamental challenges toward making IoT a reachable reality: A model-centric investigation.

show abstract

Section: Securitymentioning

confidence: 99%

Fundamental Challenges Toward Making the IoT a Reachable Reality

Xue

Nazarian

et al. 2017

ACM Trans. Des. Autom. Electron. Syst.

View full text Add to dashboard Cite

show abstract

“…Also knowing the Region of Interest (ROI) is beneficial as the planar surface can be reduced significantly. In such cases, the reverse engineer can pinpoint his ROI while neglecting the rest of the chip [16]. Furthermore, every chip has different chip manufacturing processes due to cost optimizations or technology node requirements.…”

Section: B Chip-level Reverse Engineeringmentioning

confidence: 99%

Section: B Chip-level Reverse Engineeringmentioning

confidence: 99%

Hardware reverse engineering: Overview and open challenges

Fyrbiak

Strauß

Kison

et al. 2017

2017 IEEE 2nd International Verification and Security Workshop (IVSW)

Self Cite

View full text Add to dashboard Cite

Hardware reverse engineering is a universal tool for both legitimate and illegitimate purposes. On the one hand, it supports confirmation of IP infringement and detection of circuit malicious manipulations, on the other hand it provides adversaries with crucial information to plagiarize designs, infringe on IP, or implant hardware Trojans into a target circuit. Although reverse engineering is commonplace in practice, the quantification of its complexity is an unsolved problem to date since both technical and human factors have to be accounted for. A sophisticated understanding of this complexity is crucial in order to provide a reasonable threat estimation and to develop sound countermeasures, i.e. obfuscation transformations of the target circuit, to mitigate risks for the modern IC landscape.The contribution of our work is threefold: first, we systematically study the current research branches related to hardware reverse engineering ranging from decapsulation to gate-level netlist analysis. Based on our overview, we formulate several open research questions to scientifically quantify reverse engineering, including technical and human factors. Second, we survey research on problem solving and on the acquisition of expertise and discuss its potential to quantify human factors in reverse engineering. Third, we propose novel directions for future interdisciplinary research encompassing both technical and psychological perspectives that hold the promise to holistically capture the complexity of hardware reverse engineering.

show abstract

“…Indeed, when the noise is normal and independent from one trace to the other, the SNR increases linearly with the number of collected traces. Alternatively, new side-channels, such as photonic analysis [23] or voltage contrast microscopy [16], can also overcome the decreasing feature size of recent CMOS technologies. -For fault injection attacks:…”

Section: "Cmos Scaling" Factormentioning

confidence: 99%

Impacts of Technology Trends on Physical Attacks?

Maurine

Guilley

2017

Constructive Side-Channel Analysis and Secure Design

View full text Add to dashboard Cite

Chip fabrication technologies evolve at an explosive rate. Notwithstanding, we analyze that attacks on smartcard chips are almost not impacted: only the architecture which gets more complex (e.g., the devices transition from mono-to multi-core) and the advanced design solutions (adaptative voltage and frequency scaling, multiple clock domains, asynchronicity, etc.) somehow make attacks slightly more complex. The situation is different for chips tightly integrated in embedded devices, such as smartphone chips. Indeed, the chips size and complexity increase drastically, and thus attacks identification phase becomes extremely hard. In addition, the chip targetted by the attacks is usually stacked with other chips (like the memory), which makes access to leakages and injection of faults a challenging task. Therefore, we conclude that there is a clear gain of security in the future to use smartphones as secure elements. Attacks at printed circuit board level associated with signal processing and machine learning could question this conclusion. Also, as a perspective, we notice that new kinds of attacks become possible on smartphones. Those devices being intrinsically connected, the new side-channel and fault injection attacks are realized not physically, but in software (controlled from an external center attack process): such attacks are called microarchitectural cache timing attacks (regarding side-channels) and RowHammer attacks (regarding fault injections). We predict increasing progress in those cyberattack threats.

show abstract

Finding the AES Bits in the Haystack: Reverse Engineering and SCA Using Voltage Contrast

Cited by 7 publications

References 26 publications

Fundamental Challenges Toward Making the IoT a Reachable Reality

Fundamental Challenges Toward Making the IoT a Reachable Reality

Hardware reverse engineering: Overview and open challenges

Impacts of Technology Trends on Physical Attacks?

Contact Info

Product

Resources

About