Power Measurement-Based Vulnerability Assessment of IoT Medical Devices at Varying Countermeasures for Cybersecurity

Abstract

A method for the vulnerability assessment of Internet-of-Things (IoT) medical transducers cybersecurity at varying the power countermeasures is proposed. The implemented countermeasures reinforce the most popular cryptographic algorithm, advanced encryption standard (AES), running on a low-cost, low-energy, and low-performance smart transducer for IoT medical devices. The proposed method is based on attacks standardized in the smart-card industry: differential power analysis (DPA) and correlation power analysis (CPA). Adopting a methodically rigorous framework, a boost for the study of power countermeasures was offered for IoT medical transducers. An experimental comparison of security performance among different power countermeasures was realized. Each countermeasure increases the number of power traces needed to discover the AES secret key. Random delay, random SBox, and masking strengthen the AES of 1.3, 208, and 318 factors, respectively. The masking countermeasure was by far the most effective.