Power Analysis Over JTAG Ports: Hidden Debug Dangers - Block Side-Channel Analysis Attacks
Circuit Cellar|September 2024
Small changes in the phase of clock signals can encode power leakages. An attacker can use standard interfaces such as the JTAG port to drive clocks across targets, using them as a measurement technique for side-channel analysis attacks despite limited physical access. This article demonstrates how you can test devices for vulnerability and how to modify devices to prevent attacks.
Colin O'Flynn

When I've presented side-channel power analysis attacks, I always use an oscilloscope or ADC that measures analog voltage variations. This is logical because side-channel power analysis attacks exploit the small changes in device power when it executes different instructions or even processes different data. This made it seem like a purely analog attack. Attackers need measurement access, such as a shunt resistor or electromagnetic probe. But what if attackers could use a purely digital interface, one that is already on your board, like the JTAG interface?

Things you always thought were safe might have hidden dangers. In this case, I will show you how a side-channel power analysis attack occurs through the JTAG interface. But first, the background.

Back in the March 2024 issue of Circuit Cellar (Issue 404, "It's About Time: When Timing Attacks Reveal Power Usage"), I recreated the work of a paper presented at CHES 2023 titled "JitSCA: Jitter-based Side-Channel Analysis in Picoscale Resolution," by Kai Schoos, Sergej Meschkov, Mehdi B. Tahoori, and Dennis R. E. Gnad.[1] In this article, I will present an extension of my talk at CHES 2024. If you want to see the full article, entitled "Phase Modulation Side Channels: Jittery JTAG for On-Chip Voltage Measurements,"[2] links to both the original paper and my extension are available in the article resources.

PHASE MODULATION LEAKAGE

In my March 2024 column, I recreated the JitSCA paper to demonstrate how small changes in the phase of a clock directly leak a power trace. In the previous column, I used a basic voltage divider; here, I'm using an RF mixer component. While RF mixers are normally used to create a signal based on frequency differences, they will also give an output related to a phase difference of two signals.
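The mixer-as-phase-detector idea described above, as an added numerical sketch that is not code from the article: an ideal multiplier followed by an averaging low-pass filter. The power values, the phase sensitivity `K_RAD_PER_UNIT`, and the quadrature operating point are assumptions made for illustration.

```python
import math

SAMPLES_PER_PERIOD = 40      # simulation resolution (assumed)
PERIODS_PER_WINDOW = 20      # low-pass filter = average over whole clock periods
K_RAD_PER_UNIT = 0.01        # assumed phase shift per unit of power draw

# Constructed "power draw" of the target, one value per averaging window.
POWER = [0.0, 1.0, 0.2, 0.8, 0.5, 0.0, 0.9, 0.3]

def mixer_output(phases, offset):
    """Ideal mixer: multiply the reference clock by the phase-shifted clock,
    then average over whole periods to remove the 2f product term."""
    n = SAMPLES_PER_PERIOD * PERIODS_PER_WINDOW
    out = []
    for phi in phases:
        acc = 0.0
        for i in range(n):
            theta = 2 * math.pi * i / SAMPLES_PER_PERIOD
            acc += math.cos(theta) * math.cos(theta + offset + phi)
        out.append(acc / n)          # equals 0.5 * cos(offset + phi)
    return out

def recover_power(offset=math.pi / 2):
    """At quadrature the output is -0.5*sin(phi), about -0.5*phi for small phi,
    so rescaling the filtered output returns the constructed power values."""
    phases = [K_RAD_PER_UNIT * p for p in POWER]
    return [-2 * v / K_RAD_PER_UNIT for v in mixer_output(phases, offset)]

def output_span(offset):
    """Peak-to-peak mixer output for the constructed trace at a given offset."""
    out = mixer_output([K_RAD_PER_UNIT * p for p in POWER], offset)
    return max(out) - min(out)

if __name__ == "__main__":
    print([round(p, 3) for p in recover_power()])
    # Quadrature is far more sensitive to small phase changes than in-phase.
    print(output_span(math.pi / 2), output_span(0.0))
```

In this model the filtered output tracks the phase almost linearly only near a 90-degree offset between the two clocks; with the clocks in phase, the same phase changes barely move the output.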

This story is from the September 2024 edition of Circuit Cellar.
