Understanding Side Channel Attack Basics
Learn the basics of side channel attacks (SCAs), the threat they pose to hardware-level security, and why they can be so powerful.
In electronic systems, security is often thought of exclusively at the software level.
People generally consider exploits like trojan horses, malware, and other forms of hacking to be the biggest threats; however, security takes on a whole new meaning from the perspective of an EE.
In reality, many of the biggest security threats are hardware-based, where attackers can steal information directly from the hardware that our secure and encrypted software runs on.
One of the most potent hardware security threats is side channel attacks.
In this article, we'll introduce the concept of SCAs, how they work, and why they're so powerful.
What is a Side Channel Attack?
Many forms of security exploits, both hardware and software, often focus on stealing secret information directly.
On the other hand, side channel attacks are a classification of hardware-security attacks that focus on stealing information indirectly by exploiting unintended information leakages.
As the name suggests, SCAs don't obtain information by stealing it directly. They instead steal it via "side channels." Examples of SCAs can be seen in Figure 1.
Figure 1. A high-level overview of a side channel attack. Image used courtesy of R. Vanathi and SP. Chokkalingam
SCAs are so prevalent because electronic systems inherently have an abundance of leakages (i.e., side channels).
Some of these side channels include:
- Power: All electronic devices are supplied power through a power rail. In a power-based side channel attack, an attacker would monitor a device’s power rails during operation for either current draw or fluctuations in voltage to steal information.
- Electromagnetic (EM) Radiation: As Faraday's Law defines, electric currents generate a corresponding magnetic field. An EM-based side channel attack, shown in Figure 2, leverages this fact by monitoring the EM radiation emitted from a device during operation to steal information.
- Timing Attacks: In cryptographic implementations, different mathematical operations may take varying amounts of time to compute based on inputs, key values, and the operations themselves. Timing attacks seek to exploit these timing variations to steal information.
Figure 2. An EM attack setup where the attacker is placing an antenna directly above a device’s processor. Image used courtesy of Sayakkara et al.
Side Channel Attack Example
To better understand how a side channel attack might work, we'll look at an oversimplified but helpful example.
Consider a CMOS inverter, as shown in Figure 3. In this example, consider that the input to the inverter is a binary string representing sensitive data, say a cryptographic key, and the attacker's goal is to figure out what this key is.
Figure 3. A CMOS inverter is driven by a square wave
Further, assume that the attacker does not have direct probing access to either the input or the output (the input and output, in this example, would be the direct channel).
This assumption may be realistic, as the logic gates and copper conductors within an integrated circuit are hidden by device packaging and cannot be directly probed without decapsulation. However, in this situation, our attacker has access to the device's power rail, which is a realistic assumption as power rails are often global and provided to the IC on the PCB level (i.e., the attacker can probe the power rail directly on the PCB).
By performing a power-based side channel attack, our adversary can figure out the input string simply by probing the current draw from the 3.3 V power rail (or equivalently by probing the current return to ground).
Looking at the input and power waveforms in Figure 4, we can see a deterministic pattern in the device's current consumption. When there is a high to low transition (1 to 0) in the input, there is a spike in the device's current draw.
Figure 4. The top plot shows the input signal, the bottom plot shows the inverter’s current draw from the 3.3 V rail.
From looking exclusively at the current waveforms, our attacker can quickly determine that the input signal must be 10101010. In this way, the attacker exploits a side channel, successfully stealing our secret key without knowing any other prior information about the input, output, or what operation the device is performing.
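The inverter example above can be reproduced as a small simulation. This is an added example, not code from the original article: it models the rail current as a decaying spike on each 1-to-0 input transition plus measurement noise, then reads the bits back from the trace alone. The spike shape, noise level, known bit period and an input that idles low before the first bit are all assumptions.

```python
import math
import random

def supply_current(bits, samples_per_bit=20, spike_ma=5.0, noise_ma=0.2, seed=1):
    """Idealized inverter model: the 3.3 V rail sources a decaying current
    spike only when the input falls (1 -> 0) and the output node charges."""
    rng = random.Random(seed)
    trace, prev = [], "0"   # assumption: input idles low before the first bit
    for bit in bits:
        falling = prev == "1" and bit == "0"
        for k in range(samples_per_bit):
            spike = spike_ma * math.exp(-k / 3.0) if falling else 0.0
            trace.append(spike + rng.gauss(0.0, noise_ma))
        prev = bit
    return trace

def recover_bits(trace, samples_per_bit=20, threshold_ma=2.5):
    """A spike at the start of bit period i means bit[i-1]=1 and bit[i]=0.
    Positions no spike touches stay '?': the rail alone cannot resolve them."""
    n = len(trace) // samples_per_bit
    bits = ["?"] * n
    for i in range(1, n):
        window = trace[i * samples_per_bit : i * samples_per_bit + 3]
        if max(window) > threshold_ma:
            bits[i - 1], bits[i] = "1", "0"
    return "".join(bits)

if __name__ == "__main__":
    # Constructed inputs: the article's alternating key and a second pattern.
    for key in ("10101010", "11001010"):
        print(key, "->", recover_bits(supply_current(key)))
```

The alternating pattern is recovered in full because every bit sits next to a falling edge; for the second input, the `?` positions show that this idealized model leaks only the 1-to-0 transitions.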
What Makes Side Channel Attacks So Powerful?
Side channel attacks are a uniquely powerful form of attack for a variety of reasons.
Firstly, SCAs are so powerful because they are hard to prevent. SCAs exploit electronics' unintended and largely unavoidable behavior—things like a device's power consumption and EM radiation are inherent and unavoidable.
At best, a designer can obscure these side channels, but they can never remove them completely, making SCAs very hard to prevent. Another reason is that many SCAs are very hard to detect.
Since many SCAs, like an EM attack, are passive and non-invasive, an attacker using them doesn't need to physically interfere with the device at all. For this reason, it is near impossible, from an electrical standpoint, to detect that your device is under attack or that it was previously compromised.
Finally, SCAs are becoming increasingly powerful today thanks to the development of Machine Learning (ML). Whereas historical SCAs required rigorous, statistical analysis of leakage information, many of today's side-channel attacks leverage ML instead.
By training an ML model with a large enough dataset of leakage information, attackers can develop potent and easy-to-use attacks.
Not being a computer expert, a question I have is how does a hacker actually measure the power consumption, or EM radiation? Does part of the main HD, or Windows, Apple computer program incorporate sensing power consumption or EM radiation?
Thanks for your article, help, and time.