Embedded systems have a plethora of security solutions and encryption protocols that can protect them against a multitude of attacks. Hardware engineers infuse lot of time and effort in implementing cryptographic algorithms, keeping the analysis of design constraints into rumination. When it comes to designs in potential hostile environment, engineers face a challenge for building resistance-free embedded systems against attacks called side channel attacks. Therefore, there is a strong need to address issues related to side channel attacks. This chapter will provide an insight into the field of hardware security, and will provide a deep investigation of various types of side channel attacks and better understanding of various power analysis tools, which will further give researchers a vision to build efficient and secure systems in order to thwart attacks. This chapter mainly focuses on passive attacks as compared to active attacks since passive attacks are easy to perform and lot of research is going on these attacks.
TopIntroduction
The era of IOT and cloud computing has given advent to the field of hardware security. Hardware security deals with designing resistant free IC i.e. to secure hardware against side channel attacks. In today’s world, numerous systems rely no more on traditional PC but they are connected to embedded system such as FPGA, ASIC, SOC etc (Barenghi et al, 2012). Embedded devices are widespread in every aspect of life. There are manifolds such as smart cars, smart locks, smart cards, industrial machines etc. In case of smart cars if the antagonist is able to malfunction the operation or somehow able to get the unintended data, then it may lead to some erroneous output or in worst case endanger the human lives. In this electronic world if adversary is able to get the secret information, it may hamper the security, which can further lead to serious ramifications (Cilio et al, 2013).
In this era of embedded systems, there is a need to dig into the security related issues and examine security related mechanism thoroughly. Hardware security is a young field, which received relatively little attention in scientific community. Physical attacks pose a serious threat to embedded devices and there is a strong need to address security related challenges. We need to build secured hardware in order to have effective communication (Lumbiarrs, 2016).
Figure 1 shows the layered approach of hardware security. As shown in the figure a device consists of hardware, software and firmware. The device secured at only software part is not considered as secured one. Hardware part is equally important and needs protection against various kinds of physical attacks, only then we can build a secure device/circuit. Hardware security is a field which deals with securing a device at hardware level (circuit level, system level etc).
Figure 1. Layered approach of hardware security
Brief History of Hardware Attacks: It was in the late 90’s when kocher et al (1998) proposed Side Channel Attacks (Biham et al, 1997). In 1996 kocher introduced the first passive attack based on the execution’s timing measurements. It showed a new method to extract secret data from smart card while processing. Boneh, DeMillo and Lipton then published the first active attack know as bellcore attack. Both the attacks types are opposite in nature. Active attacks tamper the parameters of IC such as variation in clock, power supply etc that leads to erroneous behavior of device, where as passive attacks are based on observation of information leaked during normal operation of device such as power consumption, EM waves, temperature, computation time of different instructions, observing the sound of fan used in microprocessor etc while the cryptographic operation is still taking place.
Classification of Side Channel Attacks: Side channel attacks are called as side channel because they do not involve actively but take part passively without tampering the device. The person will not even know about the attack. Figure 2 shows the categorization of side channel attacks.
The literature categorizes attacks as invasive vs non- invasive, active vs passive attacks.
Invasive Vs Non-Invasive: Invasive attacks are the ones, which require direct access to the chip. They are penetrative attacks, which leave tamper evidence of attack or even destroy the device. They may harm the chip physically leaving the device damaged permanently. Non-invasive attacks are less destructive as compared to invasive attacks and they do not harm the chip physically. They non-penetrative attacks. In this attacker interacts with device via its interface (voltage, current, I/O etc). They just observe and manipulate device without physical harm to it. These types of attacks leave no evidence of attack. Device remains undamaged. Skorobogatov and Anderson add a new distinction with what they call semi-invasive attacks. It’s a kind of attack which is less destructive than invasive one. In this, it requires depackaging of chip but they do not tamper with passivation layer- they do not require electrical contact to metal surface.
Figure 2. Classification of side channel attacks