A Sliding Window Phase-Only Correlation Method for Side-Channel Alignment in a Smartphone

Future wireless embedded devices will be increasingly powerful, supporting many more applications including one of the most crucial, security. Although many embedded devices offer resistance to bus probing attacks due to their compact size and high levels of integration, susceptibility to attacks on their electromagnetic side channel must be analyzed. This side channel is often quite complex to analyze due to the complexities of the embedded device including operating system, interrupts, and so forth. This article presents a new methodology for analyzing a complex system's vulnerability to the EM side channel. The methodology proposes a sliding window phase-only correlation method for aligning electromagnetic emanations from a complex smartphone running native code utilizing an on-chip cache. Unlike previous research, experimental results demonstrate that data written to on-chip cache within an advanced 312MHz 0.13um processor executing AES can be attacked utilizing this new methodology. Furthermore, for the first time, it has been shown that the point of side-channel attack is not a spike of increased EM but an area of low EM amplitude, unlike what is noted in previous findings. This research is important for advancing side-channel analysis understanding in complex embedded processors and ensuring secure implementations in future embedded ubiquitous devices.

[1]  Máire O'Neill,et al.  Variable window power spectral density attack , 2011, 2011 IEEE International Workshop on Information Forensics and Security.

[2]  Gareth M. James Curve alignment by moments , 2007, 0712.1425.

[3]  Lejla Batina,et al.  Mutual Information Analysis: a Comprehensive Study , 2011, Journal of Cryptology.

[4]  François-Xavier Standaert,et al.  Mutual Information Analysis: How, When and Why? , 2009, CHES.

[5]  Catherine H. Gebotys,et al.  EM analysis of a wireless Java-based PDA , 2008, TECS.

[6]  Hovav Shacham,et al.  Are AES x86 cache timing attacks still feasible? , 2012, CCSW '12.

[7]  Peter Marwedel,et al.  Scratchpad memory: a design alternative for cache on-chip memory in embedded systems , 2002, Proceedings of the Tenth International Symposium on Hardware/Software Codesign. CODES 2002 (IEEE Cat. No.02TH8627).

[8]  Peter Marwedel,et al.  Assigning program and data objects to scratchpad for energy reduction , 2002, Proceedings 2002 Design, Automation and Test in Europe Conference and Exhibition.

[9]  Kevin Skadron,et al.  Scaling with Design Constraints: Predicting the Future of Big Chips , 2011, IEEE Micro.

[10]  Christophe Clavier,et al.  Differential Power Analysis in the Presence of Hardware Countermeasures , 2000, CHES.

[11]  Stan Salvador,et al.  FastDTW: Toward Accurate Dynamic Time Warping in Linear Time and Space , 2004 .

[12]  Sylvain Guilley,et al.  Formal Framework for the Evaluation of Waveform Resynchronization Algorithms , 2011, WISTP.

[13]  Siva Sai Yerubandi,et al.  Differential Power Analysis , 2002 .

[14]  Bart Preneel,et al.  Mutual Information Analysis , 2008, CHES.

[15]  Sylvain Guilley,et al.  “Re-synchronization by moments”: An efficient solution to align Side-Channel traces , 2011, 2011 IEEE International Workshop on Information Forensics and Security.

[16]  Pankaj Rohatgi,et al.  Template Attacks , 2002, CHES.

[17]  Christophe Clavier,et al.  Correlation Power Analysis with a Leakage Model , 2004, CHES.

[18]  Xin Li,et al.  Accurate Video Alignment Using Phase Correlation , 2006, IEEE Signal Processing Letters.

[19]  Lejla Batina,et al.  Comparative Evaluation of Rank Correlation Based DPA on an AES Prototype Chip , 2008, ISC.

[20]  Andrzej K. Brodzik Phase-only filtering for the masses (of DNA Data): a new approach to sequence alignment , 2006, IEEE Transactions on Signal Processing.

[21]  C. D. Kuglin,et al.  The phase correlation image alignment method , 1975 .

[22]  Catherine H. Gebotys,et al.  EM Analysis of Rijndael and ECC on a Wireless Java-Based PDA , 2005, CHES.

[23]  Bart Preneel,et al.  Mutual Information Analysis A Generic Side-Channel Distinguisher , 2008 .

[24]  Jasper G. J. van Woudenberg,et al.  Improving Differential Power Analysis by Elastic Alignment , 2011, CT-RSA.

[25]  Akashi Satoh,et al.  High-Resolution Side-Channel Attack Using Phase-Based Waveform Matching , 2006, CHES.