Ruhr-Uni-Bochum

Automated Probe Repositioning for On-Die EM Measurements

2019

Konferenz / Medium

Autor*innen

Richter, Bastian Moradi, Amir Wild, Alexander

Research Hub

Research Hub B: Eingebettete Sicherheit

Research Challenges

RC 6: Next-Generation Implementation Security

Abstract

In side-channel analysis attacks, on-die localized EM monitoring enable high bandwidth measurements of only a relevant part of the Integrated Circuit (IC). This can lead to improved attacks compared to cases where only power consumption is measured. Combined with profiled attacks which utilize a training phase to create precise models of the information leakage, the attacks can become even more powerful. In contrast, localized EM measurements can cause difficulties in applying the learned models as the probe should be identically positioned for both the training and the attack even when the setup was used otherwise in between. Even small differences in the probe position can lead to significant differences in the recorded signals. In this paper we present an automated system to precisely and efficiently reposition the probe when performing repeated measurements. Based on the training IC, we train a machine learning system to return the position of the probe for a given measurement. By taking a small number of measurements on the IC under attack, we can then obtain the coordinates of the measurements and map it to correct the coordinate system. As the target for our practical analyses, we use an STM32L0 ARMM0+ microcontroller with integrated hardware AES.

Tags

Real-world Attacks
Implementation Attacks