Cryptology ePrint Archive: Report 2018/881

Remote Inter-Chip Power Analysis Side-Channel Attacks at Board-Level

Falk Schellenberg and Dennis R.E. Gnad and Amir Moradi and Mehdi B. Tahoori

Abstract: The current practice in board-level integration is to incorporate chips and components from numerous vendors. A fully trusted supply chain for all used components and chipsets is an important, yet extremely difficult to achieve, prerequisite to validate a complete board-level system for safe and secure operation. An increasing risk is that most chips nowadays run software or firmware, typically updated throughout the system lifetime, making it practically impossible to validate the full system at every given point in the manufacturing, integration and operational life cycle. This risk is elevated in devices that run 3rd party firmware. In this paper we show that an FPGA used as a common accelerator in various boards can be reprogrammed by software to introduce a sensor, suitable as a remote power analysis side-channel attack vector at the board-level. We show successful power analysis attacks from one FPGA on the board to another chip implementing RSA and AES cryptographic modules. Since the sensor is only mapped through firmware, this threat is very hard to detect, because data can be exfiltrated without requiring inter-chip communication between victim and attacker. Our results also prove the potential vulnerability in which any untrusted chip on the board can launch such attacks on the remaining system.

Category / Keywords: implementation / side-channel analysis, FPGA

Original Publication (in the same form): ICCAD 2018

Date: received 19 Sep 2018

Contact author: amir moradi at rub de


Version: 20180923:192421

Short URL: ia.cr/2018/881

