Abstract

Electromagnetic (EM) side-channel attacks have become a serious threat to the security of Internet-of-Things (IoT) devices. The power supply generated by voltage regulators is one of the most common attack targets because of its strong EM emanations. In this brief we derive analytical conditions for complete theoretical decorrelation between the power supply EM side-channel signal and the sensitive data. The output of the power supply converter is modelled as amplitude modulation (AM) of the load signal by the converter capacitance, which acts as a carrier. By applying Price's theorem (Papoulis and Pillai, 2002), we obtain the exact theoretical conditions that the converter capacitance needs to fulfil in order to prevent EM side-channel attacks. The conditions are further adapted for practical implementation. When the proposed methodology is applied to measured AES traces, the correlation coefficient between the leaked signal and the sensitive data is 0.05. Such low correlation indicates that the proposed methodology is a promising candidate against attacks that exploit AM signals to extract sensitive data, such as TEMPEST and active EM attacks. The Test Vector Leakage Assessment (TVLA) $\rho$-test detects no leaky points, thereby confirming circuit protection against differential and correlation EM attacks as well.

Highlights

  • Side-channel attacks rely on measurement of physical leakages of the device while it runs a cryptographic algorithm or a malware program that serves to exfiltrate sensitive data.

  • To assess attacks that extract information by demodulating the power supply signal, the correlation coefficient is computed between the measured AES traces (R(t)) and the leaked signal (R(t)C(t)).

  • Afterwards, both the Test Vector Leakage Assessment (TVLA) t-test and $\rho$-test are employed to estimate the number of leaky points for differential and correlation attacks.
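The two assessment steps in the highlights above (the correlation between R(t) and R(t)C(t), and a per-sample $\rho$-test for leaky points) can be reproduced on constructed data. The script below is an added example, not code or data from the paper: the load model (a Hamming-weight dependent step on one sample plus Gaussian noise), the two carriers (a constant one for an unprotected converter and a ripple-like cosine whose phase is re-drawn per trace as a stand-in for a carrier that is zero-mean and independent of the data), the trace lengths and the leaky-point threshold `RHO_THRESHOLD` are all assumptions chosen for illustration, not the conditions derived in the paper. It shows why a data-independent, zero-mean carrier drives both the demodulation correlation and the $\rho$-test statistic towards zero, while a constant carrier leaves the leak fully visible.

```python
import math
import random

# Constructed simulation parameters (assumptions, not values from the paper).
N_SAMPLES = 32        # samples per trace
LEAK_INDEX = 12       # sample at which the load depends on the sensitive byte
CARRIER_PERIOD = 8    # samples per period of the ripple-like carrier
NOISE_SD = 0.2        # standard deviation of the additive Gaussian noise
RHO_THRESHOLD = 0.1   # simplified leaky-point threshold for the rho-test (assumption)


def pearson(x, y):
    """Sample Pearson correlation coefficient of two equal-length sequences."""
    n = len(x)
    mx, my = sum(x) / n, sum(y) / n
    sxy = sum((a - mx) * (b - my) for a, b in zip(x, y))
    sxx = sum((a - mx) ** 2 for a in x)
    syy = sum((b - my) ** 2 for b in y)
    if sxx == 0.0 or syy == 0.0:
        return 0.0
    return sxy / math.sqrt(sxx * syy)


def hamming_weight(value):
    return bin(value).count("1")


def load_trace(rng, secret_byte):
    """Constructed load signal R(t): a constant draw plus a Hamming-weight
    dependent step at LEAK_INDEX, with Gaussian noise on every sample."""
    trace = [1.0 + rng.gauss(0.0, NOISE_SD) for _ in range(N_SAMPLES)]
    trace[LEAK_INDEX] += 0.1 * hamming_weight(secret_byte)
    return trace


def constant_carrier(rng):
    """Unprotected converter: C(t) never varies, so R(t)C(t) is a copy of R(t)."""
    return [1.0] * N_SAMPLES


def random_phase_carrier(rng):
    """Assumed protected converter: a ripple-like carrier whose phase is re-drawn
    for every trace, so at each sample C(t) is zero-mean and independent of R(t)."""
    phase = rng.uniform(0.0, 2.0 * math.pi)
    return [math.cos(2.0 * math.pi * t / CARRIER_PERIOD + phase) for t in range(N_SAMPLES)]


def simulate(carrier_fn, n_traces=3000, seed=1):
    """Return (secret bytes, load traces R(t), leaked traces R(t)C(t)), seeded."""
    rng = random.Random(seed)
    secrets, loads, leaks = [], [], []
    for _ in range(n_traces):
        s = rng.randrange(256)
        r = load_trace(rng, s)
        c = carrier_fn(rng)
        secrets.append(s)
        loads.append(r)
        leaks.append([ri * ci for ri, ci in zip(r, c)])
    return secrets, loads, leaks


def load_vs_leak_correlation(carrier_fn, **kw):
    """Correlation between R(t) and R(t)C(t) over all samples of all traces,
    i.e. how much of the load signal a demodulating receiver can recover."""
    _, loads, leaks = simulate(carrier_fn, **kw)
    flat_r = [v for tr in loads for v in tr]
    flat_l = [v for tr in leaks for v in tr]
    return pearson(flat_r, flat_l)


def rho_test_leaky_points(carrier_fn, **kw):
    """Simplified TVLA rho-test: per-sample correlation between the leaked
    traces and the Hamming weight of the sensitive byte; returns the sample
    indices whose |rho| exceeds RHO_THRESHOLD."""
    secrets, _, leaks = simulate(carrier_fn, **kw)
    model = [hamming_weight(s) for s in secrets]
    leaky = []
    for t in range(N_SAMPLES):
        column = [tr[t] for tr in leaks]
        if abs(pearson(model, column)) > RHO_THRESHOLD:
            leaky.append(t)
    return leaky


if __name__ == "__main__":
    for name, fn in (("constant carrier", constant_carrier),
                     ("random-phase carrier", random_phase_carrier)):
        print(f"{name}: corr(R, RC) = {load_vs_leak_correlation(fn):.3f}, "
              f"leaky points = {rho_test_leaky_points(fn)}")
```

With the constant carrier the demodulation correlation is 1 and the $\rho$-test flags exactly the sample that carries the Hamming-weight dependence; with the random-phase carrier both the correlation and the set of leaky points collapse, because the expectation of C(t) is zero at every sample and C(t) carries no information about the data. The threshold used here is a fixed constant for clarity; the full TVLA $\rho$-test derives it from the number of traces and a chosen confidence level.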


Summary

Introduction

Side-channel attacks rely on measurement of physical leakages of the device while it runs a cryptographic algorithm or a malware program that serves to exfiltrate sensitive data. Leakages such as EM radiation, power consumption or execution time can reveal confidential information. We focus on EM side-channel attacks as they pose a more serious threat to security than power side-channel attacks [2], [3]. They can be either passive, where hidden information such as a cryptographic secret key is extracted from unintentional EM radiation [6]–[16], or active, where the attacker creates a covert channel and manipulates the EM emanations in order to obtain sensitive data [17]–[20].

