The security of modern electronic devices relies on secret keys stored on
secure hardware modules as the root-of-trust (RoT). Extracting those keys would
break the security of the entire system. As shown before, sophisticated
side-channel analysis (SCA) attacks, using chip failure analysis (FA)
techniques, can extract data from on-chip memory cells. However, since the
chip’s layout is unknown to the adversary in practice, secret key localization
and reverse engineering are onerous tasks. Consequently, hardware vendors
commonly believe that the ever-growing physical complexity of the integrated
circuit (IC) designs can be a natural barrier against potential adversaries. In
this work, we present a novel approach that can extract the secret key without
any knowledge of the IC’s layout, and independent from the employed memory
technology as key storage. We automate the — traditionally very
labor-intensive — reverse engineering and data extraction process. To that
end, we demonstrate that black-box measurements captured using laser-assisted
SCA techniques from a training device with known key can be used to profile the
device for a later key prediction on other victim devices with unknown keys. To
showcase the potential of our approach, we target keys on three different
hardware platforms, which are utilized as RoT in different products.

Go to Source of this post
Author Of this post: <a href="http://arxiv.org/find/cs/1/au:+Krachenfels_T/0/1/0/all/0/1">Thilo Krachenfels</a>, <a href="http://arxiv.org/find/cs/1/au:+Kiyan_T/0/1/0/all/0/1">Tuba Kiyan</a>, <a href="http://arxiv.org/find/cs/1/au:+Tajik_S/0/1/0/all/0/1">Shahin Tajik</a>, <a href="http://arxiv.org/find/cs/1/au:+Seifert_J/0/1/0/all/0/1">Jean-Pierre Seifert</a>

By admin