RandOhm: Mitigating Impedance Side-channel Attacks using Randomized Circuit Configurations
- URL: http://arxiv.org/abs/2401.08925v3
- Date: Fri, 30 Aug 2024 17:30:26 GMT
- Title: RandOhm: Mitigating Impedance Side-channel Attacks using Randomized Circuit Configurations
- Authors: Saleh Khalaj Monfared, Domenic Forte, Shahin Tajik,
- Abstract summary: We introduce RandOhm, which exploits a moving target defense (MTD) strategy based on the partial reconfiguration (PR) feature of mainstream FPGAs.
We demonstrate that the information leakage through the PDN impedance could be significantly reduced via runtime reconfiguration of the secret-sensitive parts of the circuitry.
In contrast to existing PR-based countermeasures, RandOhm deploys open-source bitstream manipulation tools to speed up the randomization and provide real-time protection.
- Score: 6.388730198692013
- License: http://creativecommons.org/licenses/by-nc-sa/4.0/
- Abstract: Physical side-channel attacks can compromise the security of integrated circuits. Most physical side-channel attacks (e.g., power or electromagnetic) exploit the dynamic behavior of a chip, typically manifesting as changes in current consumption or voltage fluctuations where algorithmic countermeasures, such as masking, can effectively mitigate them. However, as demonstrated recently, these mitigation techniques are not entirely effective against backscattered side-channel attacks such as impedance analysis. In the case of an impedance attack, an adversary exploits the data-dependent impedance variations of the chip power delivery network (PDN) to extract secret information. In this work, we introduce RandOhm, which exploits a moving target defense (MTD) strategy based on the partial reconfiguration (PR) feature of mainstream FPGAs and programmable SoCs to defend against impedance side-channel attacks. We demonstrate that the information leakage through the PDN impedance could be significantly reduced via runtime reconfiguration of the secret-sensitive parts of the circuitry. Hence, by constantly randomizing the placement and routing of the circuit, one can decorrelate the data-dependent computation from the impedance value. Moreover, in contrast to existing PR-based countermeasures, RandOhm deploys open-source bitstream manipulation tools on programmable SoCs to speed up the randomization and provide real-time protection. To validate our claims, we apply RandOhm to AES ciphers realized on 28-nm FPGAs. We analyze the resiliency of our approach by performing non-profiled and profiled impedance analysis attacks and investigate the overhead of our mitigation in terms of delay and performance.
Related papers
- The Impact of Run-Time Variability on Side-Channel Attacks Targeting FPGAs [5.795035584525081]
This work proposes a fine-grained dynamic voltage and frequency scaling actuator to investigate the effectiveness of desynchronization countermeasures.
The goal is to highlight the link between the enforced run-time variability and the vulnerability to side-channel attacks of cryptographic implementations targeting FPGAs.
arXiv Detail & Related papers (2024-09-03T13:22:38Z) - Impedance vs. Power Side-channel Vulnerabilities: A Comparative Study [1.5566524830295307]
Physical side channels emerge from the relation between internal computation or data with observable physical parameters of a chip.
In this study, we conduct a comparative analysis of the impedance side channel, which has been limitedly explored, and the well-established power side channel.
Our findings indicate that impedance analysis demonstrates a higher potential for cryptographic key extraction compared to power side-channel analysis.
arXiv Detail & Related papers (2024-05-10T04:44:34Z) - Systematic Use of Random Self-Reducibility against Physical Attacks [10.581645335323655]
This work presents a novel, black-box software-based countermeasure against physical attacks including power side-channel and fault-injection attacks.
The approach uses the concept of random self-reducibility and self-correctness to add randomness and redundancy in the execution for protection.
An end-to-end implementation of this countermeasure is demonstrated for RSA-CRT signature algorithm and Kyber Key Generation public key cryptosystems.
arXiv Detail & Related papers (2024-05-08T16:31:41Z) - Impedance Leakage Vulnerability and its Utilization in Reverse-engineering Embedded Software [1.7495213911983414]
impedance is an inherent property of a device that can be exploited to leak information through an unintended side channel.
This paper demonstrates that the impedance of an embedded device is not constant and directly relates to the programs executed on the device.
We use this phenomenon as impedance leakage and use this as a side channel to extract software instructions from protected memory.
arXiv Detail & Related papers (2023-10-04T21:43:16Z) - A GKP qubit protected by dissipation in a high-impedance superconducting circuit driven by a microwave frequency comb [0.0]
We propose a novel approach to generate, protect and control GKP qubits.
It employs a microwave frequency comb parametrically modulating a Josephson circuit to enforce a dissipative dynamics of a high impedance circuit mode.
The encoded GKP qubit is robustly protected against all dominant decoherence channels plaguing superconducting circuits but quasi-particle poisoning.
arXiv Detail & Related papers (2023-04-04T00:20:02Z) - Directional Josephson traveling-wave parametric amplifier via
non-Hermitian topology [58.720142291102135]
Low-noise microwave amplification is crucial for detecting weak signals in quantum technologies and radio astronomy.
Current amplifiers do not satisfy all these requirements, severely limiting the scalability of superconducting quantum devices.
Here, we demonstrate the feasibility of building a near-ideal quantum amplifier using a homogeneous Josephson junction array and the non-trivial topology of its dynamics.
arXiv Detail & Related papers (2022-07-27T18:07:20Z) - Versatile Weight Attack via Flipping Limited Bits [68.45224286690932]
We study a novel attack paradigm, which modifies model parameters in the deployment stage.
Considering the effectiveness and stealthiness goals, we provide a general formulation to perform the bit-flip based weight attack.
We present two cases of the general formulation with different malicious purposes, i.e., single sample attack (SSA) and triggered samples attack (TSA)
arXiv Detail & Related papers (2022-07-25T03:24:58Z) - Accurate methods for the analysis of strong-drive effects in parametric
gates [94.70553167084388]
We show how to efficiently extract gate parameters using exact numerics and a perturbative analytical approach.
We identify optimal regimes of operation for different types of gates including $i$SWAP, controlled-Z, and CNOT.
arXiv Detail & Related papers (2021-07-06T02:02:54Z) - Targeted Attack against Deep Neural Networks via Flipping Limited Weight
Bits [55.740716446995805]
We study a novel attack paradigm, which modifies model parameters in the deployment stage for malicious purposes.
Our goal is to misclassify a specific sample into a target class without any sample modification.
By utilizing the latest technique in integer programming, we equivalently reformulate this BIP problem as a continuous optimization problem.
arXiv Detail & Related papers (2021-02-21T03:13:27Z) - Robust Tracking against Adversarial Attacks [69.59717023941126]
We first attempt to generate adversarial examples on top of video sequences to improve the tracking robustness against adversarial attacks.
We apply the proposed adversarial attack and defense approaches to state-of-the-art deep tracking algorithms.
arXiv Detail & Related papers (2020-07-20T08:05:55Z) - Hardware-Encoding Grid States in a Non-Reciprocal Superconducting
Circuit [62.997667081978825]
We present a circuit design composed of a non-reciprocal device and Josephson junctions whose ground space is doubly degenerate and the ground states are approximate codewords of the Gottesman-Kitaev-Preskill (GKP) code.
We find that the circuit is naturally protected against the common noise channels in superconducting circuits, such as charge and flux noise, implying that it can be used for passive quantum error correction.
arXiv Detail & Related papers (2020-02-18T16:45:09Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.