Cryptology ePrint Archive: Report 2019/923

Automated Probe Repositioning for On-Die EM Measurements

Bastian Richter and Alexander Wild and Amir Moradi

Abstract: In side-channel analysis attacks, on-die localized EM monitoring enable high bandwidth measurements of only a relevant part of the Integrated Circuit (IC). This can lead to improved attacks compared to cases where only power consumption is measured. Combined with profiled attacks which utilize a training phase to create precise models of the information leakage, the attacks can become even more powerful. In contrast, localized EM measurements can cause difficulties in applying the learned models as the probe should be identically positioned for both the training and the attack even when the setup was used otherwise in between. Even small differences in the probe position can lead to significant differences in the recorded signals. In this paper we present an automated system to precisely and efficiently reposition the probe when performing repeated measurements. Based on the training IC, we train a machine learning system to return the position of the probe for a given measurement. By taking a small number of measurements on the IC under attack, we can then obtain the coordinates of the measurements and map it to correct the coordinate system. As the target for our practical analyses, we use an STM32L0 ARMM0+ microcontroller with integrated hardware AES.

Category / Keywords: implementation / side-channel analysis, EM probe, machine learning, CNN

Original Publication (in the same form): 2019 International Conference On Computer Aided Design - ICCAD

Date: received 13 Aug 2019

Contact author: bastian richter at rub de,amir moradi@rub de

Available format(s): PDF | BibTeX Citation

Version: 20190813:221217 (All versions of this report)

Short URL: ia.cr/2019/923


[ Cryptology ePrint archive ]