12. Side Channel Attacks Flashcards

1
Q

modern threat model

A
  1. bypass strong cryptography
  2. bypass access privileges and authentication protocols
  3. observe physical variables
    - sound
    - voltage
    - current
    - EM radiation

e.g.
Arduino Uno uses AES-128
AES-128 has 10 rounds of operation
using an oscilloscope, able to map the waveform to each operation

2
Q

observing physical variables

A
  1. passive –> use sensor to monitor
    - timings
    - power consumption
    - EM radiation
    - sound, temperature
  2. invasive
    - micro probing –> probe bus, read data directly
    - circuit modification –> override security measures
    - photonic emissions
    - attacks are effective but costly
3
Q

side channel attacks

A
  1. based on information gained from physical implementation of system
  2. information is leaked unintentionally
  3. does not depend on theoretical weakness in application or algorithm
  4. not constrained by access privileges
  5. requires expensive test environment
4
Q

2 types of side channel attacks

A
  1. power consumption analysis
  2. timing analysis

5
Q

power consumption analysis

A

different power consumption when running, 0s and 1s
power consumption is related to operation and algorithm
2 main techniques
- simple power analysis
- differential power analysis

6
Q

simple power analysis

A
  1. pump in known input
  2. observe output
  3. measure fluctuation in power consumption across a resistor or capacitor (reduce noise)

operation is in attacker control
protection is tamper proof

e.g.
find patterns in the graph
match with numerical operation
match with instructions

7
Q

Hamming weight model

A
  1. binary 0s and 1s have different power consumption
  2. 1s use more power
  3. binary with the most 1s should have highest voltage
  4. easier to guess which binary number has which voltage

e.g.

  1. 15 00001111
  2. 25 00011111

when making jump –> access memory location –> semiconductor –> more power used

8
Q

Differential power analysis

A
  1. when key guess is correct, spike in power
  2. take samples to reduce noise
  3. as many samples are needed, use software to collate, measure, provide statistical correction

guesses one bit at a time

9
Q

Timing analysis attack

A
  1. learn the system secret by observing how long it takes to perform computation
  2. goal is to extract private key
  3. extremely powerful as isolation does not help
    - target could be remote, inside VM, tamper proof
  4. attacker simply monitors input and output response time

able to guess

  • bypass operations
  • RAM hit/miss
  • processor instructions
  • algorithms
  • command sequences
10
Q

Timing analysis attack: keystrokes

A
  1. focus on touch typing (standard time patterns in typing passwords)
  2. data collection
    - pick one random password and ask user to type
    - need large sample
11
Q

Countermeasures for timing analysis attack

A

switch off echo mode –> user typing can still be measured on client-side

randomise timing of keystrokes

set echo delay to be constant
