Securing Sensor Nodes Against Side Channel Attacks

Side channel attacks are non-invasive attacks in which adversaries gain confidential information by passively observing the target computing device. Sensor nodes are particularly vulnerable to side channel attacks because they lack protective physical shielding and are deployed in open environments. As sensor nodes are increasingly deployed in safety-critical applications such as the power grid, volcano monitoring, and even military applications, protecting them from side channel attacks is critical. However, side channel attacks on sensor nodes have not been investigated in previous work. In this paper, we present a taxonomy of side channel attacks on sensor nodes. For each type of attack, we provide guidelines and approaches to thwart it. We also propose a new technique, called process obfuscation, which can be used as a countermeasure against a variety of side channel attacks on sensor nodes. Furthermore, to demonstrate the feasibility of side channel attacks, we conducted electromagnetic leakage attacks, a type of side channel attack, on popular Tmote-sky sensor nodes using commercially available equipment.
