SCNIFFER: Low-Cost, Automated, Efficient Electromagnetic Side-Channel Sniffing

Electromagnetic (EM) side-channel analysis (SCA) is a prominent tool to break mathematically-secure cryptographic engines, especially on resource-constrained devices. Presently, to perform EM SCA on an embedded device, the entire chip is manually scanned and the MTD (Minimum Traces to Disclosure) analysis is performed at each point on the chip to reveal the secret key of the encryption algorithm. However, an automated end-to-end framework for EM leakage localization, trace acquisition, and attack has been missing. This work proposes <monospace>SCNIFFER</monospace>: a low-cost, automated EM Side Channel leakage SNIFFing platform to perform efficient end-to-end Side-Channel attacks. Using a leakage measure such as Test Vector Leakage Assessment (TVLA), or the signal to noise ratio (SNR), we propose a greedy gradient-search heuristic that converges to one of the points of highest EM leakage on the chip (dimension: <inline-formula> <tex-math notation="LaTeX">$N \times N$ </tex-math></inline-formula>) within <inline-formula> <tex-math notation="LaTeX">$O(N)$ </tex-math></inline-formula> iterations, and then perform Correlational EM Analysis (CEMA) at that point. This reduces the CEMA attack time by <inline-formula> <tex-math notation="LaTeX">$\sim N$ </tex-math></inline-formula> times compared to an exhaustive MTD analysis, and by <inline-formula> <tex-math notation="LaTeX">$> 20\times $ </tex-math></inline-formula> compared to choosing an attack location at random. We demonstrate <monospace>SCNIFFER</monospace> using a low-cost custom-built 3-D scanner with an H-field probe (<$500) compared to >$50, 000 commercial EM scanners, and a variety of microcontrollers as the devices under attack. The <monospace>SCNIFFER</monospace> framework is evaluated for several cryptographic algorithms (AES-128, DES, RSA) running on both an 8-bit Atmega microcontroller and a 32-bit ARM microcontroller to find a point of high leakage and then perform a CEMA at that point.

[1]  Dakshi Agrawal,et al.  The EM Side-Channel(s) , 2002, CHES.

[2]  Zhizhang Chen,et al.  ChipWhisperer: An Open-Source Platform for Hardware Embedded Security Research , 2014, COSADE.

[3]  FRANÇOIS-XAVIER STANDAERT,et al.  An Overview of Power Analysis Attacks Against Field Programmable Gate Arrays , 2006, Proceedings of the IEEE.

[4]  Adi Shamir,et al.  IoT Goes Nuclear: Creating a ZigBee Chain Reaction , 2017, 2017 IEEE Symposium on Security and Privacy (SP).

[5]  Shreyas Sen,et al.  STELLAR: A Generic EM Side-Channel Attack Protection through Ground-Up Root-cause Analysis , 2019, 2019 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[6]  Pankaj Rohatgi,et al.  Template Attacks , 2002, CHES.

[7]  Christophe Clavier,et al.  Correlation Power Analysis with a Leakage Model , 2004, CHES.

[8]  Benedikt Heinz,et al.  Strengths and Limitations of High-Resolution Electromagnetic Field Measurements for Side-Channel Analysis , 2012, CARDIS.

[9]  Francis Olivier,et al.  Electromagnetic Analysis: Concrete Results , 2001, CHES.

[10]  Lionel Torres,et al.  Modeling Time Domain Magnetic Emissions of ICs , 2010, PATMOS.

[11]  Leak Me If You Can : Does TVLA Reveal Success Rate ? , 2017 .

[12]  Siva Sai Yerubandi,et al.  Differential Power Analysis , 2002 .

[13]  Joos Vandewalle,et al.  Machine learning in side-channel analysis: a first study , 2011, Journal of Cryptographic Engineering.

[14]  Georg Sigl,et al.  Dividing the threshold: Multi-probe localized EM analysis on threshold implementations , 2018, 2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[15]  Debdeep Mukhopadhyay,et al.  CC Meets FIPS: A Hybrid Test Methodology for First Order Side Channel Analysis , 2019, IEEE Transactions on Computers.

[16]  Benedikt Heinz,et al.  Localized Electromagnetic Analysis of Cryptographic Implementations , 2012, CT-RSA.

[17]  Christof Paar,et al.  EM Side-Channel Attacks on Commercial Contactless Smartcards Using Low-Cost Equipment , 2009, WISA.

[18]  Daniel Genkin,et al.  Stealing Keys from PCs Using a Radio: Cheap Electromagnetic Attacks on Windowed Exponentiation , 2015, CHES.

[19]  Daniel Genkin,et al.  ECDH Key-Extraction via Low-Bandwidth Electromagnetic Attacks on PCs , 2016, CT-RSA.

[20]  P. Rohatgi,et al.  Test Vector Leakage Assessment ( TVLA ) methodology in practice , 2013 .

[21]  Máire O'Neill,et al.  Neural network based attack on a masked implementation of AES , 2015, 2015 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[22]  Adam Matthews,et al.  Low Cost Attacks on Smart Cards , 2006 .

[23]  Shreyas Sen,et al.  STELLAR: A Generic EM Side-Channel Attack Protection through Ground-Up Root-cause Analysis , 2019, HOST.

[24]  Vishnuvardhan V. Iyer,et al.  An Adaptive Acquisition Approach to Localize Electromagnetic Information Leakage from Cryptographic Modules , 2019, 2019 IEEE Texas Symposium on Wireless and Microwave Circuits and Systems (WMCS).

[25]  Sylvain Guilley,et al.  Electromagnetic Radiations of FPGAs: High Spatial Resolution Cartography and Attack on a Cryptographic Module , 2009, TRETS.

[26]  Stefan Mangard,et al.  Hardware Countermeasures against DPA ? A Statistical Analysis of Their Effectiveness , 2004, CT-RSA.

[27]  Blaise Ravelo,et al.  Fully Time-domain Scanning of EM Near-Field Radiated by RF Circuits , 2014 .

[28]  Shreyas Sen,et al.  X-DeepSCA: Cross-Device Deep Learning Side Channel Attack* , 2019, 2019 56th ACM/IEEE Design Automation Conference (DAC).

[29]  Johann Heyszl,et al.  Dissecting Leakage Resilient PRFs with Multivariate Localized EM Attacks - A Practical Security Evaluation on FPGA , 2017, IACR Cryptol. ePrint Arch..

[30]  Jean-Jacques Quisquater,et al.  ElectroMagnetic Analysis (EMA): Measures and Counter-Measures for Smart Cards , 2001, E-smart.