Using Power Clues to Hack IoT Devices: The power side channel provides for instruction-level disassembly.

The field of consumer electronics (CE) has gone digital, inheriting all the security problems of the digital world in the process. The Internet of Things (IoT) class of CE devices is still in a very early adoption phase. Physical side channels are a bigger vulnerability for this class of devices than traditional security threats that exploit protocol, algorithm, or program weaknesses. Interestingly, the assembly-level program executing within a device can be reconstructed from power side-channel observations alone. This instruction-level disassembly is an emerging power side-channel threat.
