Side Channel Attacks in Embedded Systems

A special issue of Applied Sciences (ISSN 2076-3417). This special issue belongs to the section "Electrical, Electronics and Communications Engineering".

Deadline for manuscript submissions: closed (10 January 2022) | Viewed by 29089

Special Issue Editors


Guest Editor
CNRS Lab-STICC UMR 6285, Université Bretagne Sud, Centre de recherche Christiaan Huygens, BP 92116 - 56321 Lorient, CEDEX, France
Interests: embedded systems security; cache-based side-channel attacks; obfuscation techniques for HLS

Guest Editor
CNRS Lab-STICC UMR 6285, Université Bretagne Sud, Centre de recherche Christiaan Huygens, BP 92116 - 56321 Lorient, CEDEX, France
Interests: embedded systems; multiprocessor architecture; self-adaptation; security; Cybersecurity

Guest Editor
Telecom Paris, LTCI, COMELEC Department, Safe and Secure (SSH) Lab, 91120 Palaiseau, France
Interests: information security; cryptography; embedded systems

Special Issue Information

Dear Colleagues,

In recent years, researchers have demonstrated that modern computing systems are vulnerable from both computational and storage perspectives, and most of the performance optimizations present in modern-day computing systems can potentially expose them to adversaries and the leakage of critical information. These existing vulnerabilities lead to side-channel information leakage in many different ways, from physical to microarchitectural information. Moreover, new leakage channels keep appearing in existing architecture. Thus, the real attack surface is still unknown, both at software and hardware levels.

Side-channel analysis (SCA) has, therefore, become an important field of research. Side-channel attacks exploit existing vulnerabilities in order to extract privileged information at both physical and computational and storage levels. In order to enhance the resistance of cryptographic and security critical implementations within the design phase, countermeasures and analysis techniques are mandatory. Quality metrics regarding security are also required in order to optimize the design and development process.

This Special Issue is seeking original papers presenting attacks and exploitations, secure implementation, secure design and evaluation tools, detection techniques, and software and hardware countermeasure techniques, with a special focus on side-channel attacks.

Prof. Dr. Guy Gogniat
Prof. Dr. Vianney Lapotre
Dr. Maria Mushtaq
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Applied Sciences is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • side-channel analysis
  • fault-injection attacks
  • leakage-resilient cryptography
  • trusted execution environment
  • protections against micro-architectural side-channel and covert channel attacks
  • physical side-channel attacks and countermeasures
  • run-time detection techniques
  • operating system and hypervisor level countermeasures against side-channel attacks

Published Papers (11 papers)


Research


20 pages, 2505 KiB  
Article
The Limits of SEMA on Distinguishing Similar Activation Functions of Embedded Deep Neural Networks
by Go Takatoi, Takeshi Sugawara, Kazuo Sakiyama, Yuko Hara-Azumi and Yang Li
Appl. Sci. 2022, 12(9), 4135; https://0-doi-org.brum.beds.ac.uk/10.3390/app12094135 - 20 Apr 2022
Cited by 2 | Viewed by 1992
Abstract
Artificial intelligence (AI) is progressing rapidly, and in this trend, edge AI has been researched intensively. However, much less work has been performed around the security of edge AI. Machine learning models are a mass of intellectual property, and an optimized network is very valuable. Trained machine learning models need to be black boxes as well because they may give away information about the training data to the outside world. As selecting the appropriate activation functions to enable fast training of accurate deep neural networks is an active area of research, it is important to conceal the information of the activation functions used in a neural network architecture as well. There has been research on the use of physical attacks such as the side-channel attack (SCA) in areas other than cryptography. The SCA is highly effective against edge artificial intelligence due to its property of the device computing close to the user. We studied a previously proposed method to retrieve the activation functions of a black box neural network implemented on an edge device by using simple electromagnetic analysis (SEMA) and improved the signal processing procedure for further noisy measurements. The SEMA attack identifies activation functions by directly observing distinctive electromagnetic (EM) traces that correspond to the operations in the activation function. This method requires few executions and inputs and also has little implementation dependency on the activation functions. We distinguished eight similar activation functions with EM measurements and examined the versatility and limits of this attack. In this work, the machine learning architecture is a multilayer perceptron, evaluated on an Arduino Uno.
(This article belongs to the Special Issue Side Channel Attacks in Embedded Systems)

22 pages, 996 KiB  
Article
Noise-Free Security Assessment of Eviction Set Construction Algorithms with Randomized Caches
by Amine Jaamoum, Thomas Hiscock and Giorgio Di Natale
Appl. Sci. 2022, 12(5), 2415; https://0-doi-org.brum.beds.ac.uk/10.3390/app12052415 - 25 Feb 2022
Cited by 1 | Viewed by 1783
Abstract
Cache timing attacks, i.e., a class of remote side-channel attack, have become very popular in recent years. Eviction set construction is a common step for many such attacks, and algorithms for building them are evolving rapidly. On the other hand, countermeasures are also being actively researched and developed. However, most countermeasures have been designed to secure last-level caches and few of them actually protect the entire memory hierarchy. Cache randomization is a well-known mitigation technique against cache attacks that has a low-performance overhead. In this study, we attempted to determine whether address randomization on first-level caches is worth considering from a security perspective. In this paper, we present the implementation of a noise-free cache simulation framework that enables the analysis of the behavior of eviction set construction algorithms. We show that randomization at the first level of caches (L1) brings about improvements in security but is not sufficient to mitigate all known algorithms, such as the recently developed Prime–Prune–Probe technique. Nevertheless, we show that L1 randomization can be combined with a lightweight random eviction technique in higher-level caches to mitigate known conflict-based cache attacks.

28 pages, 5465 KiB  
Article
Gate-Level Hardware Countermeasure Comparison against Power Analysis Attacks
by Erica Tena-Sánchez, Francisco Eugenio Potestad-Ordóñez, Carlos J. Jiménez-Fernández, Antonio J. Acosta and Ricardo Chaves
Appl. Sci. 2022, 12(5), 2390; https://0-doi-org.brum.beds.ac.uk/10.3390/app12052390 - 25 Feb 2022
Cited by 6 | Viewed by 2757
Abstract
The fast settlement of privacy and secure operations in the Internet of Things (IoT) is appealing in the selection of mechanisms to achieve a higher level of security at minimum cost and with reasonable performances. All these aspects have been widely considered by the scientific community, but more effort is needed to allow the crypto-designer the selection of the best style for a specific application. In recent years, dozens of proposals have been presented to design circuits resistant to power analysis attacks. In this paper, a deep review of the state of the art of gate-level countermeasures against power analysis attacks has been carried out, performing a comparison between hiding approaches (the power consumption is intended to be the same for all the data processed) and the ones considering a masking procedure (the data are masked and behave as random). The most relevant proposals in the literature, 35 for hiding and 6 for masking, have been analyzed, not only by using data provided by proposers, but also those included in other references for comparison. Advantages and drawbacks of the proposals are analyzed, showing quantified data for cost, performance (delay and power), and security when available. One of the main conclusions is that the RSL proposal is the best in masking, while TSPL, HDRL, SDMLp, 3sDDL, TDPL, and SABL are those with the best security performance figures. Nevertheless, a wise combination of hiding and masking as masked_SABL presents promising results.

14 pages, 833 KiB  
Article
Boolean Masking for Arithmetic Additions at Arbitrary Order in Hardware
by Florian Bache and Tim Güneysu
Appl. Sci. 2022, 12(5), 2274; https://0-doi-org.brum.beds.ac.uk/10.3390/app12052274 - 22 Feb 2022
Cited by 4 | Viewed by 1930
Abstract
Modular addition is an important component of many cryptographic algorithms such as ARX-ciphers and lattice-based post-quantum secure schemes. In order to protect devices that execute these algorithms against side-channel attacks, countermeasures such as masking must be applied. However, if an implementation needs to be secured against multivariate attacks, univariately secure masking schemes do not suffice. In this work, we focus on hardware architectures for higher-order masked addition circuits. We present and discuss three adder designs that are protected with a provably secure masking scheme. Concretely, we discuss Kogge–Stone, Sklansky and Brent–Kung adders regarding their suitability for high-order masking and their performance in this setting. All architectures are fully pipelined and achieve a throughput of one addition per cycle. In order to achieve multivariate security at arbitrary orders, we use HPC2 Gadgets that satisfy the PINI security notion. Additionally, we apply a first-order secure threshold implementation scheme to the adder variants and compare their performance in the univariate case.

22 pages, 531 KiB  
Article
MATANA: A Reconfigurable Framework for Runtime Attack Detection Based on the Analysis of Microarchitectural Signals
by Yuxiao Mao, Vincent Migliore and Vincent Nicomette
Appl. Sci. 2022, 12(3), 1452; https://0-doi-org.brum.beds.ac.uk/10.3390/app12031452 - 29 Jan 2022
Cited by 2 | Viewed by 1864
Abstract
Microarchitectural attacks exploit target hardware properties to break software isolation techniques used by the processor. These attacks are extremely powerful and hard to detect since the determination of the program execution’s impact on the microarchitecture is at the same time not precisely understood and not easily observable at the software layer. Some approaches have attempted to benefit from existing hardware to better understand and detect the microarchitectural attacks (i.e., Hardware Performance Counters or Arm CoreSight), but such hardware was not meant to be used for cybersecurity, with reduced choice on observable signals and limited throughput of information. In this paper, we propose MATANA, an open and adaptive reconfigurable hardware/software co-designed framework. Combining fine-grained analysis of microarchitectural signals and software support, MATANA allows to design and assess detection mechanisms for attacks by characterizing their microarchitectural effects—in particular, microarchitectural attacks, but also some high-level attacks such as return-oriented programming attacks. The paper also describes a prototype implementation, built with a RISC-V softcore processor Rocket running Linux 4.15 on a Virtex-6 FPGA. We successfully used MATANA to analyze cache side-channel attacks and build attack detection logic from two different perspectives: instruction-based and memory-access-based. We also successfully detected return-oriented programming attacks by exhibiting a specific behavioral pattern on the microarchitecture.

10 pages, 1806 KiB  
Article
Practical, Low-Cost Fault Injection Attacks on Personal Smart Devices
by Shaked Delarea and Yossi Oren
Appl. Sci. 2022, 12(1), 417; https://0-doi-org.brum.beds.ac.uk/10.3390/app12010417 - 02 Jan 2022
Cited by 5 | Viewed by 2377
Abstract
Fault attacks are traditionally considered under a threat model that assumes the device under test is in the possession of the attacker. We propose a variation on this model. In our model, the attacker integrates a fault injection circuit into a malicious field-replaceable unit, or FRU, which is later placed by the victim in close proximity to their own device. Examples of devices which incorporate FRUs include interface cards in routers, touch screens and sensor assemblies in mobile phones, ink cartridges in printers, batteries in health sensors, and so on. FRUs are often installed by after-market repair technicians without properly verifying their authenticity, and previous works have shown they can be used as vectors for various attacks on the privacy and integrity of smart devices. We design and implement a low-cost fault injection circuit suitable for placement inside a malicious FRU, and show how it can be used to practically extract secrets from a privileged system process through a combined hardware-software approach, even if the attacker software application only has user-level permissions. Our prototype produces highly effective and repeatable attacks, despite its cost being several orders of magnitude less than that of commonly used fault injection analysis lab setups. This threat model allows fault attacks to be carried out remotely, even if the device under test is in the hands of the victim. Considered together with recent advances in software-only fault attacks, we argue that resistance to fault attacks should be built into additional classes of devices.

18 pages, 1688 KiB  
Article
Balancing the Leakage Currents in Nanometer CMOS Logic—A Challenging Goal
by Bijan Fadaeinia, Thorben Moos and Amir Moradi
Appl. Sci. 2021, 11(15), 7143; https://0-doi-org.brum.beds.ac.uk/10.3390/app11157143 - 02 Aug 2021
Cited by 1 | Viewed by 2421
Abstract
The imbalance of the currents leaked by CMOS standard cells when different logic values are applied to their inputs can be exploited as a side channel to recover the secrets of cryptographic implementations. Traditional side-channel countermeasures, primarily designed to thwart the dynamic leakage behavior, were shown to be much less powerful against this static threat. Thus, a special protection mechanism called Balanced Static Power Logic (BSPL) has been proposed very recently. Essentially, fundamental standard cells are re-designed to balance their drain-source leakage current independent of the given input. In this work, we analyze the BSPL concept in more detail and reveal several design issues that limit its effectiveness as a universal logic library. Although balancing drain-source currents remains a valid approach even in more advanced technology generations, we show that it is conceptually insufficient to achieve a fully data-independent leakage behavior in smaller geometries. Instead, we suggest an alternative approach, so-called improved BSPL (iBSPL). To evaluate the proposed method, we use information theoretic analysis. As an attack strategy, we have chosen Moments-Correlating DPA (MCDPA), since this analysis technique does not depend on a particular leakage model and allows a fair comparison. Through these evaluation methods, we show iBSPL demands fewer resources and delivers better balance in the ideal case as well as in the presence of process variations.

14 pages, 27924 KiB  
Article
Performing Cache Timing Attacks from the Reconfigurable Part of a Heterogeneous SoC—An Experimental Study
by Lilian Bossuet and El Mehdi Benhani
Appl. Sci. 2021, 11(14), 6662; https://0-doi-org.brum.beds.ac.uk/10.3390/app11146662 - 20 Jul 2021
Cited by 2 | Viewed by 2261
Abstract
Cache attacks are widespread on microprocessors and multi-processor system-on-chips but have not yet spread to heterogeneous systems-on-chip such as SoC-FPGA that are found in increasing numbers of applications on servers or in the cloud. This type of SoC has two parts: a processing system that includes hard components and ARM processor cores and a programmable logic part that includes logic gates to be used to implement custom designs. The two parts communicate via memory-mapped interfaces. One of these interfaces is the accelerator coherency port that provides optional cache coherency between the two parts. In this paper, we discuss the practicability and potential threat of inside-SoC cache attacks using the cache coherency mechanism of a complex heterogeneous SoC-FPGA. We provide proof of two cache timing attacks Flush+Reload and Evict+Time when SoC-FPGA is targeted, and proof of hidden communication using a cache-based covert channel. The heterogeneous SoC-FPGA Xilinx Zynq-7010 is used as an experimental target.

20 pages, 318 KiB  
Article
Search-Space Reduction for S-Boxes Resilient to Power Attacks
by Carlos Miguel Legón-Pérez, Ricardo Sánchez-Muiña, Dianne Miyares-Moreno, Yasser Bardaji-López, Ismel Martínez-Díaz, Omar Rojas and Guillermo Sosa-Gómez
Appl. Sci. 2021, 11(11), 4815; https://0-doi-org.brum.beds.ac.uk/10.3390/app11114815 - 24 May 2021
Cited by 1 | Viewed by 1896
Abstract
The search of bijective $n \times n$ S-boxes resilient to power attacks in the space of dimension $(2^n)!$ is a controversial topic in the cryptology community nowadays. This paper proposes partitioning the space of $(2^n)!$ S-boxes into equivalence classes using the hypothetical power leakage according to the Hamming weights model, which ensures a homogeneous theoretical resistance within the class against power attacks. We developed a fast algorithm to generate these S-boxes by class. It was mathematically demonstrated that the theoretical metric confusion coefficient variance takes constant values within each class. A new search strategy—jumping over the class space—is justified to find S-boxes with high confusion coefficient variance in the space partitioned by Hamming weight classes. In addition, a decision criterion is proposed to move quickly between or within classes. The number of classes and the number of S-boxes within each class are calculated, showing that, as n increases, the class space dimension is an ever-smaller fraction of the space of S-boxes, which significantly reduces the space of search of S-boxes resilient to power attacks, when the search is performed from class to class.

Review


20 pages, 1028 KiB  
Review
Hardware Countermeasures Benchmarking against Fault Attacks
by Francisco Eugenio Potestad-Ordóñez, Erica Tena-Sánchez, Antonio José Acosta-Jiménez, Carlos Jesús Jiménez-Fernández and Ricardo Chaves
Appl. Sci. 2022, 12(5), 2443; https://0-doi-org.brum.beds.ac.uk/10.3390/app12052443 - 26 Feb 2022
Cited by 4 | Viewed by 2600
Abstract
The development of differential fault analysis (DFA) techniques and mechanisms to inject faults into cryptographic circuits brings with it the need to use protection mechanisms that guarantee the expected level of security. The AES cipher, as a standard, has been the target of numerous DFA techniques, where its security has been compromised through different formulations and types of fault injections. These attacks have shown vulnerabilities of different AES implementations and building blocks. Consequently, several solutions have been proposed that provide additional protection to cover the identified vulnerabilities. In this paper, an extensive analysis has been carried out covering the existing fault injection techniques, the types of faults, and the requirements needed to apply DFA. Additionally, an analysis of the countermeasures reported in the literature is also presented, considering the protection provided, the type of faults considered, and the coverage against fault attacks. The eight different types of fault that allow us to perform DFAs on the AES cipher have been differentiated, as well as the vulnerabilities of the cipher. On the other hand, two comparisons have been made considering frequency penalty vs. area and fault coverage vs. area and frequency overhead. A metric has been proposed to compare the fault coverage of all the proposed solutions. To conclude, a final analysis is presented discussing the key aspects when choosing a particular solution and the possible development of new countermeasures to provide further protection against DFA.

25 pages, 598 KiB  
Review
Physical Side-Channel Attacks on Embedded Neural Networks: A Survey
by Maria Méndez Real and Rubén Salvador
Appl. Sci. 2021, 11(15), 6790; https://0-doi-org.brum.beds.ac.uk/10.3390/app11156790 - 23 Jul 2021
Cited by 15 | Viewed by 4239
Abstract
During the last decade, Deep Neural Networks (DNN) have progressively been integrated on all types of platforms, from data centers to embedded systems including low-power processors and, recently, FPGAs. Neural Networks (NN) are expected to become ubiquitous in IoT systems by transforming all sorts of real-world applications, including applications in the safety-critical and security-sensitive domains. However, the underlying hardware security vulnerabilities of embedded NN implementations remain unaddressed. In particular, embedded DNN implementations are vulnerable to Side-Channel Analysis (SCA) attacks, which are especially important in the IoT and edge computing contexts where an attacker can usually gain physical access to the targeted device. A research field has therefore emerged and is rapidly growing in terms of the use of SCA including timing, electromagnetic attacks and power attacks to target NN embedded implementations. Since 2018, research papers have shown that SCA enables an attacker to recover inference models architectures and parameters, to expose industrial IP and endangers data confidentiality and privacy. Without a complete review of this emerging field in the literature so far, this paper surveys state-of-the-art physical SCA attacks relative to the implementation of embedded DNNs on micro-controllers and FPGAs in order to provide a thorough analysis on the current landscape. It provides a taxonomy and a detailed classification of current attacks. It first discusses mitigation techniques and then provides insights for future research leads.