The Practical Implementation of Voltage Contrast as a Diagnostic Tool

Bertsche, Kirk; Charles, Harry K.

doi:10.1109/irps.1982.363039

Cited by 3 publications

(2 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…These emitted secondary electrons have usually low energy (0-50 eV), which makes them easily detectable by using a positive electrical-field metal-plate as a detector. Out of the SEM images are the secondary electron images the most widely used, due to their ease of production and similarity to light microscope with improved depth of field [6].…”

Section: Voltage Contrastmentioning

confidence: 99%

“…Note that VC also works with positive ions in a Focused Ion Beam (FIB), since only the difference in charge is important. Using VC with positive ions from a FIB achieves better results 1 and the voltage interpretation of brightness and darkness is reversed compared to the SEM VC [5][6][7]. VC analysis needs the chip to be depackaged to gain access to the die surface.…”

Section: Voltage Contrastmentioning

confidence: 99%

See 1 more Smart Citation

Finding the AES Bits in the Haystack: Reverse Engineering and SCA Using Voltage Contrast

Kison

Frinken

Paar

2015

Lecture Notes in Computer Science

View full text Add to dashboard Cite

In this paper, we demonstrate how the Scanning Electron Microscope (SEM) becomes a powerful tool for Side Channel Analysis (SCA) and Hardware Reverse Engineering. We locate the AES hardware circuit of a XMEGA microprocessor with Capacitive-Coupled Voltage Contrast (CCVC) images and use them in a powerful Voltage Contrast Side Channel Analysis (VCSCA). This enables an attacker to locate AES bit-wires in the top metal-layer and thus, to recover valuable netlist information. An attacker gets a valuable entry-point to look for weaknesses or Intellectual Property (IP) in the AES circuit. Additionally we show the great potential of the VCSCA in a non-invasive Side Channel Analysis for Reverse Engineering (SCARE) approach. Finally, we recover the full key of the AES hardware-engine in a practical template-based VCSCA and a no-plaintext, no-ciphertext and no-key Simple Side Channel Analysis (SSCA). We show that future VCSCA attacks present a big hardware security-risk that IC vendors need to consider. Keywords: Side channel analysis• SCA • hw reverse engineering • Voltage contrast • AES • Full key recovery • Scare

show abstract

Section: Voltage Contrastmentioning

confidence: 99%

Section: Voltage Contrastmentioning

confidence: 99%