Abstract
Thermal laser stimulation (TLS) is a failure analysis technique, which can be deployed by an adversary to localize and read out stored secrets in the SRAM of a chip. To this date, a few proof-of-concept experiments based on TLS or similar approaches have been reported in the literature, which do not reflect a real attack scenario. Therefore, it is still questionable whether this attack technique is applicable to modern ICs equipped with side-channel countermeasures. The primary aim of this work is to assess the feasibility of launching a TLS attack against a device with robust security features. To this end, we select a modern FPGA, and more specifically, its key memory, the so-called battery-backed SRAM (BBRAM), as a target. We demonstrate that an attacker is able to extract the stored 256-bit AES key used for the decryption of the FPGA’s bitstream, by conducting just a single non-invasive measurement. Moreover, it becomes evident that conventional countermeasures are incapable of preventing our attack since the FPGA is turned off during key recovery. Based on our time measurements, the required effort to develop the attack is shown to be less than 7 hours. To avert this powerful attack, we propose a low-cost and CMOS compatible countermeasure circuit, which is capable of protecting the BBRAM from TLS attempts even when the FPGA is powered off. Using a proof-of-concept prototype of our countermeasure, we demonstrate its effectiveness against TLS key extraction attempts.
Highlights
The primary motivation behind reverse-engineering of embedded devices is to get access to the utilized intellectual property (IP) to counterfeit and overbuild the target products [VT13, TGB17] or to extract other sensitive information contained within
We presented our thermal laser stimulation (TLS) attack against the battery-backed RAM (BBRAM) of an field programmable gate arrays (FPGAs), the same technique can be applied to SRAMs of any device
It became further apparent that TLS can be mounted in a very short amount of time even if little or no knowledge about the underlying hardware design is available to the adversary
Summary
The primary motivation behind reverse-engineering of embedded devices is to get access to the utilized intellectual property (IP) to counterfeit and overbuild the target products [VT13, TGB17] or to extract other sensitive information contained within. In failure analysis (FA) a number of techniques have been developed, which use laser radiation to influence the device under test (DUT). These techniques are referred to as laser stimulation techniques and measure changes in device parameters in response to the incident laser radiation. The effect of the stimulation is mainly localized heating While the former technique is referred to as photoelectric laser stimulation (PLS), the latter is called thermal laser stimulation (TLS). Both the photocarriers as well as the heating influence the parameters of the device. The monitored parameters are often voltage or current at a specific device pin
Sign-in/Register to view highlights & summary 
Published Version (
Free)
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: IACR Transactions on Cryptographic Hardware and Embedded Systems
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
