When I've presented side-channel power analysis attacks, I always use an oscilloscope or ADC that measures analog voltage variations. This is logical because side-channel power analysis attacks exploit the small changes in device power when it executes different instructions or even processes different data. This made it seem like a purely analog attack. Attackers need measurement access, such as a shunt resistor or electromagnetic probe. But what if attackers could use a purely digital interface, one that is already on your board, like the JTAG interface?
Things you always thought were safe might have hidden dangers. In this case, I will show you how a side-channel power analysis attack occurs through the JTAG interface. But first, the background.
Back in the March 2024 issue of Circuit Cellar (Issue 404, "It's About Time: When Timing Attacks Reveal Power Usage"), I recreated the work of a paper presented at CHES 2023 titled "JitSCA: Jitter-based Side-Channel Analysis in Picoscale Resolution", by Kai Schoos, Sergej Meschkov, Mehdi B. Tahoori, and Dennis R. E. Gnad.[1] In this article, I will present an extension of my talk at CHES 2024. If you want to see the full article, entitled "Phase Modulation Side Channels: Jittery JTAG for On-Chip Voltage Measurements",[2] links to both the original paper and my extension are available in the article resources.
PHASE MODULATION LEAKAGE
In my March 2024 column, I recreated the JitSCA paper to demonstrate how small changes in the phase of a clock directly leak a power trace. In the previous column, I used a basic voltage divider; here, I'm using an RF mixer component. While RF mixers are normally used to create a signal based on frequency differences, they will also give an output related to a phase difference of two signals.
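The phase-to-voltage behaviour of a mixer described above can be checked numerically. The Python simulation below is an added example, not code from the article or the JitSCA paper; the samples per clock period, the phase sensitivity `K_PHASE`, the quadrature offset between the two clocks and the `POWER` samples are all constructed assumptions.

```python
import math

SPP = 64          # simulation samples per clock period (assumption)
PERIODS = 8       # clock periods averaged per power sample (low-pass filter)
K_PHASE = 0.01    # assumed radians of clock phase shift per unit of power

# Constructed stand-in for a data-dependent power trace (arbitrary units).
POWER = [3, 5, 2, 6, 4, 1, 7, 4, 0, 8]

def mixer_trace(power):
    """Multiply a reference clock by a phase-modulated clock and average.

    The product sin(a) * sin(a + phi) equals 0.5*cos(phi) plus a term at
    twice the clock frequency; averaging over whole periods removes that
    term. Biasing the clocks 90 degrees apart (assumption) puts the mixer
    where its output is most sensitive to small phase changes.
    """
    out = []
    for p in power:
        phi = math.pi / 2 + K_PHASE * p   # power-dependent phase offset
        acc = 0.0
        for n in range(PERIODS * SPP):
            a = 2 * math.pi * (n % SPP) / SPP
            acc += math.sin(a) * math.sin(a + phi)
        out.append(acc / (PERIODS * SPP))
    return out

def pearson(x, y):
    """Pearson correlation coefficient of two equal-length sequences."""
    mx, my = sum(x) / len(x), sum(y) / len(y)
    cov = sum((a - mx) * (b - my) for a, b in zip(x, y))
    vx = sum((a - mx) ** 2 for a in x)
    vy = sum((b - my) ** 2 for b in y)
    return cov / math.sqrt(vx * vy)

if __name__ == "__main__":
    trace = mixer_trace(POWER)
    for p, v in zip(POWER, trace):
        print(f"power={p}  mixer_out={v:+.6f}")
    # The filtered mixer output tracks the power samples (inverted sign).
    print("correlation:", round(pearson(POWER, trace), 6))
```

With the quadrature bias the filtered output is -0.5*sin(K_PHASE*p), so for small phase shifts it is a scaled, inverted copy of the power samples.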
This article appears in the September 2024 issue of Circuit Cellar.
Bringing Cost-Effective, On-Device AI to Home Appliances - Sparse Weights and Interactions Negate GPUs and Cloud Computing
GPU silicon and cloud computing infrastructure are too costly for mass-market devices like refrigerators and washers. By deploying compute resources only to the necessary parts of AI inference, Sparse AI allows product designers to practically incorporate new AI features like natural voice interfaces into their consumer offerings without breaking the bank or causing electric bill surprises.
Thin Film Transistor LED Displays - Visual I/O
To add a resistive touchscreen on top of a TFT display, Jeff explores the technology offerings and libraries needed to accomplish his task. Calibrating the touchscreen's computed coordinates with the actual pixel coordinates of the display proved difficult with a modular framework but separating functions allows easy expansion.
Mobile APP Development with React Native
This month, Bob continues his series on mobile app development from an embedded designer's perspective. He programs a React Native app and he offers guidelines for picking a tutorial for React Native. He further explores how it handles concurrency and asynchronous programming. Bob expected a few nuances during the process but to say there were more than a few would be an understatement.
Power Analysis Over JTAG Ports: Hidden Debug Dangers - Block Side-Channel Analysis Attacks
Small changes in the phase of clock signals can encode power leakages. An attacker can use standard interfaces such as the JTAG port to drive clocks across targets, using them as measurement techniques for side-channel analysis attacks despite limited physical access. This article demonstrates how you can test devices for vulnerability and how to modify devices to prevent attacks.
The Blues Wireless Notecard-LoRa
After having built a number of Wi-Fi IoT gadgets for the home, Brian became curious to see how LoRaWAN-based IoT devices would work. He decided to investigate the Notecard LoRa IoT modules made by Blues Wireless.
IoT Protection with MCU Security - Ward Off Attacks with Trust Zones, Encryption, Secure Keys and Tamper Detection
Security breaches jumped 107 percent as malevolent forces increasingly focused on IoT devices for side attacks, IP and data theft. Semiconductor vendors supplying on-chip cryptography, memory protection, unclonable technology, random number generation and other measures hope to shut the door on attackers.
Fill AI with Computer Vision - On the Leading Edge of Adoption in Industrial IoT
In just about any factory, production lines hum along like a symphonic orchestra. However, makers of artificial intelligence hardware are pushing transformative technology with mind-boggling productivity gains to unlock unrealized potential. Just how fast will AI seamlessly integrate into the means of production?
No Blues with Bluetooth! GATT Explained - Part 5 - Understanding Higher Protocol Layers Provides Interoperability Help
After exploring low-level layers of Bluetooth Low Energy in previous editions, and establishing connections in Part 4, Robert examines Attribute Protocol and Generic Attribute Profile or GATT in Part 5. These higher layer protocols provide developers with greater opportunity for interoperability with third-party applications or products.
Retro-style Miniature Sports Scoreboard - RGB LED Matrix and Raspberry Pi Provide In-Game Updates
This Cornell University graduate describes how he built a miniature, retro-style scoreboard that pulls and displays live college and professional sports scores from the ESPN API, bringing the excitement of being at a sporting event to your living room. Pre-game information, in-game scores, and post-game results are displayed on a built-in PiTFT touchscreen.
Exploring Infrasound - Tornado Early Warning Detection Project Using Raspberry Pi Pico and a Python Supervisory Program
Inspired by the possibility of building an early warning system for tornadoes, Dev developed an infrasound detector. Tornadoes are rare in his area, but his detector found other infrasound activity using sensor circuitry based on a Raspberry Pi Pico, combined with a Python supervisory program that stores data on a computer for analysis.