Paper 2014/190
The Temperature Side Channel and Heating Fault Attacks
Michael Hutter and Jörn-Marc Schmidt
Abstract
In this paper, we present practical results of data leakages of CMOS devices via the temperature side channel---a side channel that has been widely cited in literature but not well characterized yet. We investigate the leakage of processed data by passively measuring the dissipated heat of the devices. The temperature leakage is thereby linearly correlated with the power leakage model but is limited by the physical properties of thermal conductivity and capacitance. We further present heating faults by operating the devices beyond their specified temperature ratings. The efficiency of this kind of attack is shown by a practical attack on an RSA implementation. Finally, we introduce data remanence attacks on AVR microcontrollers that exploit the Negative Bias Temperature Instability (NBTI) property of internal SRAM cells. We show how to recover parts of the internal memory and present first results on an ATmega162. The work encourages the awareness of temperature-based attacks that are known for years now but not well described in literature. It also serves as a starting point for further research investigations.
Note: corrected male/female mistake in the paper about a cited publication.
Metadata
- Available format(s)
-
PDF
- Category
- Implementation
- Publication info
- Published elsewhere. Minor revision. CARDIS 2013
- Keywords
- TemperatureSide ChannelsFault InjectionNegative Bias Temperature InstabilityAVRSmart Cards
- Contact author(s)
- michael hutter @ iaik tugraz at
- History
- 2014-03-27: revised
- 2014-03-12: received
- See all versions
- Short URL
- https://ia.cr/2014/190
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2014/190,
author = {Michael Hutter and Jörn-Marc Schmidt},
title = {The Temperature Side Channel and Heating Fault Attacks},
howpublished = {Cryptology {ePrint} Archive, Paper 2014/190},
year = {2014},
url = {https://eprint.iacr.org/2014/190}
}
