Chypnosis: Stealthy Secret Extraction using Undervolting-based Static Side-channel Attacks
- URL: http://arxiv.org/abs/2504.11633v2
- Date: Thu, 17 Apr 2025 18:53:40 GMT
- Title: Chypnosis: Stealthy Secret Extraction using Undervolting-based Static Side-channel Attacks
- Authors: Kyle Mitard, Saleh Khalaj Monfared, Fatemeh Khojasteh Dana, Shahin Tajik
- Abstract summary: We introduce a novel class of static side-channel attacks, called Chypnosis, that enables adversaries to freeze a chip's internal clock. We demonstrate that, by rapidly dropping a chip's voltage below the standard nominal levels, the attacker can bypass the clock and voltage sensors and put the chip in a so-called brownout condition. We show that not only are all clock sources deactivated, but various clock and voltage sensors also fail to detect the event.
- Score: 3.4482813947866693
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: There is a growing class of static physical side-channel attacks that allow adversaries to extract secrets by probing the persistent state of a circuit. Techniques such as laser logic state imaging (LLSI), impedance analysis (IA), and static power analysis fall into this category. These attacks require that the targeted data remain constant for a specific duration, which often necessitates halting the circuit's clock. Some methods additionally rely on modulating the chip's supply voltage to probe the circuit. However, tampering with the clock or voltage is typically assumed to be detectable, as secure chips often deploy sensors that erase sensitive data upon detecting such anomalies. Furthermore, many secure devices use internal clock sources, making external clock control infeasible. In this work, we introduce a novel class of static side-channel attacks, called Chypnosis, that enables adversaries to freeze a chip's internal clock by inducing a hibernation state via rapid undervolting, and then extracting secrets using static side-channels. We demonstrate that, by rapidly dropping a chip's voltage below the standard nominal levels, the attacker can bypass the clock and voltage sensors and put the chip in a so-called brownout condition, in which the chip's transistors stop switching, but volatile memories (e.g., Flip-flops and SRAMs) still retain their data. We test our attack on AMD FPGAs by putting them into hibernation. We show that not only are all clock sources deactivated, but various clock and voltage sensors also fail to detect the tamper event. Afterward, we present the successful recovery of secret bits from a hibernated chip using two static attacks, namely, LLSI and IA. Finally, we discuss potential countermeasures which could be integrated into future designs.
Related papers
- Extraction of Secrets from 40nm CMOS Gate Dielectric Breakdown Antifuses by FIB Passive Voltage Contrast [0.0]
Antifuses are widely used for storing small amounts of data in integrated circuits.
We demonstrate that data bits stored in a widely used antifuse block can be extracted by a semiconductor failure analysis technique.
We identify several potential mechanisms by which it may be possible to read the even and odd rows separately.
arXiv Detail & Related papers (2025-01-22T23:40:21Z)
- Cryogenic Control and Readout Integrated Circuits for Solid-State Quantum Computing [44.99833362998488]
Cryogenic integrated circuits (ICs) have emerged as potential alternatives to room-temperature electronics.
Operating at cryogenic temperatures can suppress electronic noise and improve qubit control fidelity.
For CMOS ICs specifically, circuit design uncertainties arise due to a lack of reliable models for cryogenic field effect transistors.
arXiv Detail & Related papers (2024-10-21T11:15:45Z)
- Boundary Time Crystals as AC sensors: enhancements and constraints [39.58317527488534]
We find an enhanced sensitivity of the BTC when its spins are resonant with the applied AC field.
Despite its long coherence time and multipartite correlations, the entropic cost of the BTC hinders an optimal decoding of the AC field information.
arXiv Detail & Related papers (2024-06-10T13:53:31Z)
- Not All Prompts Are Secure: A Switchable Backdoor Attack Against Pre-trained Vision Transformers [51.0477382050976]
An extra prompt token, called the switch token in this work, can turn the backdoor mode on, converting a benign model into a backdoored one.
To attack a pre-trained model, our proposed attack, named SWARM, learns a trigger and prompt tokens including a switch token.
Experiments on diverse visual recognition tasks confirm the success of our switchable backdoor attack, achieving 95%+ attack success rate.
arXiv Detail & Related papers (2024-05-17T08:19:48Z)
- LaserEscape: Detecting and Mitigating Optical Probing Attacks [5.4511018094405905]
We introduce LaserEscape, the first fully digital and FPGA-compatible countermeasure to detect and mitigate optical probing attacks.
LaserEscape incorporates digital delay-based sensors to reliably detect the physical alteration on the fabric caused by laser beam irradiations in real time.
As a response to the attack, LaserEscape deploys real-time hiding approaches using randomized hardware reconfigurability.
arXiv Detail & Related papers (2024-05-06T16:49:11Z)
- RandOhm: Mitigating Impedance Side-channel Attacks using Randomized Circuit Configurations [6.388730198692013]
We introduce RandOhm, which exploits a moving target defense (MTD) strategy based on the partial reconfiguration (PR) feature of mainstream FPGAs.
We demonstrate that the information leakage through the PDN impedance could be significantly reduced via runtime reconfiguration of the secret-sensitive parts of the circuitry.
In contrast to existing PR-based countermeasures, RandOhm deploys open-source bitstream manipulation tools to speed up the randomization and provide real-time protection.
arXiv Detail & Related papers (2024-01-17T02:22:28Z)
- DynamiQS: Quantum Secure Authentication for Dynamic Charging of Electric Vehicles [61.394095512765304]
Dynamic Wireless Power Transfer (DWPT) is a novel technology that allows charging an electric vehicle while driving.
Recent advancements in quantum computing jeopardize classical public key cryptography.
We propose DynamiQS, the first post-quantum secure authentication protocol for dynamic wireless charging.
arXiv Detail & Related papers (2023-12-20T09:40:45Z)
- On Borrowed Time -- Preventing Static Side-Channel Analysis [13.896152066919036]
Adversaries exploit leakage or response behaviour of integrated circuits in a static state.
Members of this class include Static Power Side-Channel Analysis (SCA), Laser Logic State Imaging (LLSI) and Impedance Analysis (IA).
arXiv Detail & Related papers (2023-07-18T06:36:04Z)
- Evil from Within: Machine Learning Backdoors through Hardware Trojans [51.81518799463544]
Backdoors pose a serious threat to machine learning, as they can compromise the integrity of security-critical systems, such as self-driving cars.
We introduce a backdoor attack that completely resides within a common hardware accelerator for machine learning.
We demonstrate the practical feasibility of our attack by implanting our hardware trojan into the Xilinx Vitis AI DPU.
arXiv Detail & Related papers (2023-04-17T16:24:48Z)
- Attack of the Genes: Finding Keys and Parameters of Locked Analog ICs Using Genetic Algorithm [3.0396374367054784]
We use algorithms based on evolutionary strategies to investigate the security of analog obfuscation/locking techniques.
We present a genetic algorithm (GA) approach which is capable of completely breaking a locked analog circuit.
We implement both a more naive satisfiability modulo theory (SMT)-based attack on common analog benchmark circuits obfuscated by combinational locking and parameter biasing.
arXiv Detail & Related papers (2020-03-31T01:38:00Z)
- Hardware-Encoding Grid States in a Non-Reciprocal Superconducting Circuit [62.997667081978825]
We present a circuit design composed of a non-reciprocal device and Josephson junctions whose ground space is doubly degenerate and the ground states are approximate codewords of the Gottesman-Kitaev-Preskill (GKP) code.
We find that the circuit is naturally protected against the common noise channels in superconducting circuits, such as charge and flux noise, implying that it can be used for passive quantum error correction.
arXiv Detail & Related papers (2020-02-18T16:45:09Z)
This list is automatically generated from the titles and abstracts of the papers in this site.