Power Side Channels in Security ICs: Hardware Countermeasures

Power side-channel attacks are a very effective cryptanalysis technique that can infer secret keys of security ICs by monitoring the power consumption. Since the emergence of practical attacks in the late 90s, they have been a major threat to many cryptographic-equipped devices including smart cards, encrypted FPGA designs, and mobile phones. Designers and manufacturers of cryptographic devices have in response developed various countermeasures for protection. Attacking methods have also evolved to counteract resistant implementations. This paper reviews foundational power analysis attack techniques and examines a variety of hardware design mitigations. The aim is to highlight exposed vulnerabilities in hardware-based countermeasures for future more secure implementations

Systematic Literature Review of EM-SCA Attacks on Encryption

Cryptography is vital for data security, but cryptographic algorithms can still be vulnerable to side-channel attacks (SCAs), physical assaults exploiting power consumption and EM radiation. SCAs pose a significant threat to cryptographic integrity, compromising device keys. While literature on SCAs focuses on real-world devices, the rise of sophisticated devices necessitates fresh approaches. Electromagnetic side-channel analysis (EM-SCA) gathers information by monitoring EM radiation, capable of retrieving encryption keys and detecting malicious activity. This study evaluates EM-SCA's impact on encryption across scenarios and explores its role in digital forensics and law enforcement. Addressing encryption susceptibility to EM-SCA can empower forensic investigators in overcoming encryption challenges, maintaining their crucial role in law enforcement. Additionally, the paper defines EM-SCA's current state in attacking encryption, highlighting vulnerable and resistant encryption algorithms and devices, and promising EM-SCA approaches. This study offers a comprehensive analysis of EM-SCA in law enforcement and digital forensics, suggesting avenues for further research

Machine Learning-Based Side-Channel Analysis on the Advanced Encryption Standard

Hardware security is essential in keeping sensitive information private. Because of this, it’s imperative that we evaluate the ability of cryptosystems to withstand cutting edge attacks. Doing so encourages the development of countermeasures and new methods of data protection as needed. In this thesis, we present our findings of an evaluation of the Advanced Encryption Standard, particularly unmasked and masked AES-128, implemented in software on an STM32F415 microcontroller unit (MCU), against machine learning-based side-channel analysis (MLSCA). 12 machine learning classifiers were used in combination with a side-channel leakage model in the context of four scenarios: profiling one device and key and attacking the same device with the same key, profiling one device and key and attacking a different device with the same key, profiling one device and key and attacking the same device with a different key, and profiling one device and key and attacking a different device with a different key. We found that unmasked AES-128 can be very vulnerable to this form of attack and that masking can be applied as a countermeasure to successfully prevent attacks in 2 out of the 4 tested scenarios. In addition to providing our experimental results on the following pages, we also plan to release a public GitHub repository with all of our collected side-channel data along with sample analysis code shortly after the time of writing this. We hope that doing so will allow for complete reproducibility of our results and encourage future research without the need for purchasing hardware equipment