Chypnosis: Undervolting-based Static Side-channel Attacks
- URL: http://arxiv.org/abs/2504.11633v5
- Date: Tue, 30 Sep 2025 00:53:34 GMT
- Title: Chypnosis: Undervolting-based Static Side-channel Attacks
- Authors: Kyle Mitard, Saleh Khalaj Monfared, Fatemeh Khojasteh Dana, Robert Dumitru, Yuval Yarom, Shahin Tajik,
- Abstract summary: Static side-channel analysis attacks rely on a stopped clock to extract sensitive information.<n>We present emphChypnosis, an undervolting attack technique that indirectly stops the target circuit clock.<n>Chypnosis also blocks the state clearing stage of prior defenses, allowing recovery of secret information even in their presence.
- Score: 13.755322225156263
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Static side-channel analysis attacks, which rely on a stopped clock to extract sensitive information, pose a growing threat to embedded systems' security. To protect against such attacks, several proposed defenses aim to detect unexpected variations in the clock signal and clear sensitive states. In this work, we present \emph{Chypnosis}, an undervolting attack technique that indirectly stops the target circuit clock, while retaining stored data. Crucially, Chypnosis also blocks the state clearing stage of prior defenses, allowing recovery of secret information even in their presence. However, basic undervolting is not sufficient in the presence of voltage sensors designed to handle fault injection via voltage tampering. To overcome such defenses, we observe that rapidly dropping the supply voltage can disable the response mechanism of voltage sensor systems. We implement Chypnosis on various FPGAs, demonstrating the successful bypass of their sensors, both in the form of soft and hard IPs. To highlight the real-world applicability of Chypnosis, we show that the alert handler of the OpenTitan root-of-trust, responsible for providing hardware responses to threats, can be bypassed. Furthermore, we demonstrate that by combining Chypnosis with static side-channel analysis techniques, namely laser logic state imaging (LLSI) and impedance analysis (IA), we can extract sensitive information from a side-channel protected cryptographic module used in OpenTitan, even in the presence of established clock and voltage sensors. Finally, we propose and implement an improvement to an established FPGA-compatible clock detection countermeasure, and we validate its resilience against Chypnosis.
Related papers
- Detecting Object Tracking Failure via Sequential Hypothesis Testing [80.7891291021747]
Real-time online object tracking in videos constitutes a core task in computer vision.<n>We propose interpreting object tracking as a sequential hypothesis test, wherein evidence for or against tracking failures is gradually accumulated over time.<n>We propose both supervised and unsupervised variants by leveraging either ground-truth or solely internal tracking information.
arXiv Detail & Related papers (2026-02-13T14:57:15Z) - NeuroBreak: Unveil Internal Jailbreak Mechanisms in Large Language Models [68.09675063543402]
NeuroBreak is a top-down jailbreak analysis system designed to analyze neuron-level safety mechanisms and mitigate vulnerabilities.<n>By incorporating layer-wise representation probing analysis, NeuroBreak offers a novel perspective on the model's decision-making process.<n>We conduct quantitative evaluations and case studies to verify the effectiveness of our system.
arXiv Detail & Related papers (2025-09-04T08:12:06Z) - Robust Anti-Backdoor Instruction Tuning in LVLMs [53.766434746801366]
We introduce a lightweight, certified-agnostic defense framework for large visual language models (LVLMs)<n>Our framework finetunes only adapter modules and text embedding layers under instruction tuning.<n>Experiments against seven attacks on Flickr30k and MSCOCO demonstrate that ours reduces their attack success rate to nearly zero.
arXiv Detail & Related papers (2025-06-04T01:23:35Z) - CANTXSec: A Deterministic Intrusion Detection and Prevention System for CAN Bus Monitoring ECU Activations [53.036288487863786]
We propose CANTXSec, the first deterministic Intrusion Detection and Prevention system based on physical ECU activations.<n>It detects and prevents classical attacks in the CAN bus, while detecting advanced attacks that have been less investigated in the literature.<n>We prove the effectiveness of our solution on a physical testbed, where we achieve 100% detection accuracy in both classes of attacks while preventing 100% of FIAs.
arXiv Detail & Related papers (2025-05-14T13:37:07Z) - CRAFT: Characterizing and Root-Causing Fault Injection Threats at Pre-Silicon [3.6158033114580674]
Fault injection attacks pose significant security threats to embedded systems.<n>Early detection and understanding of how physical faults propagate to system-level behavior are essential to safeguarding cyberinfrastructure.<n>This work introduces CRAFT, a framework that combines pre-silicon analysis with post-silicon validation to systematically uncover and analyze fault injection vulnerabilities.
arXiv Detail & Related papers (2025-03-05T20:17:46Z) - Extraction of Secrets from 40nm CMOS Gate Dielectric Breakdown Antifuses by FIB Passive Voltage Contrast [0.0]
Antifuses are widely used for storing small amounts of data in integrated circuits.
We demonstrate that data bits stored in a widely used antifuse block can be extracted by a semiconductor failure analysis technique.
We identify several potential mechanisms by which it may be possible to read the even and odd rows separately.
arXiv Detail & Related papers (2025-01-22T23:40:21Z) - Cryogenic Control and Readout Integrated Circuits for Solid-State Quantum Computing [44.99833362998488]
cryogenic integrated circuits (ICs) have emerged as potential alternatives to room-temperature electronics.
operating at cryogenic temperatures can suppress electronic noise and improve qubit control fidelity.
For CMOS ICs specifically, circuit design uncertainties arise due to a lack of reliable models for cryogenic field effect transistors.
arXiv Detail & Related papers (2024-10-21T11:15:45Z) - Boundary Time Crystals as AC sensors: enhancements and constraints [39.58317527488534]
We find an enhanced sensitivity of the BTC when its spins are resonant with the applied AC field.
Despite its long coherence time and multipartite correlations, the entropic cost of the BTC hinders an optimal decoding of the AC field information.
arXiv Detail & Related papers (2024-06-10T13:53:31Z) - Not All Prompts Are Secure: A Switchable Backdoor Attack Against Pre-trained Vision Transformers [51.0477382050976]
An extra prompt token, called the switch token in this work, can turn the backdoor mode on, converting a benign model into a backdoored one.
To attack a pre-trained model, our proposed attack, named SWARM, learns a trigger and prompt tokens including a switch token.
Experiments on diverse visual recognition tasks confirm the success of our switchable backdoor attack, achieving 95%+ attack success rate.
arXiv Detail & Related papers (2024-05-17T08:19:48Z) - LaserEscape: Detecting and Mitigating Optical Probing Attacks [5.4511018094405905]
We introduce LaserEscape, the first fully digital and FPGA-compatible countermeasure to detect and mitigate optical probing attacks.
LaserEscape incorporates digital delay-based sensors to reliably detect the physical alteration on the fabric caused by laser beam irradiations in real time.
As a response to the attack, LaserEscape deploys real-time hiding approaches using randomized hardware reconfigurability.
arXiv Detail & Related papers (2024-05-06T16:49:11Z) - FaultGuard: A Generative Approach to Resilient Fault Prediction in Smart Electrical Grids [53.2306792009435]
FaultGuard is the first framework for fault type and zone classification resilient to adversarial attacks.
We propose a low-complexity fault prediction model and an online adversarial training technique to enhance robustness.
Our model outclasses the state-of-the-art for resilient fault prediction benchmarking, with an accuracy of up to 0.958.
arXiv Detail & Related papers (2024-03-26T08:51:23Z) - Information Leakage through Physical Layer Supply Voltage Coupling Vulnerability [2.6490401904186758]
We introduce a novel side-channel vulnerability that leaks data-dependent power variations through physical layer supply voltage coupling (PSVC)
Unlike traditional power side-channel attacks, the proposed vulnerability allows an adversary to mount an attack and extract information without modifying the device.
arXiv Detail & Related papers (2024-03-12T23:39:54Z) - RandOhm: Mitigating Impedance Side-channel Attacks using Randomized Circuit Configurations [6.388730198692013]
We introduce RandOhm, which exploits a moving target defense (MTD) strategy based on the partial reconfiguration (PR) feature of mainstream FPGAs.
We demonstrate that the information leakage through the PDN impedance could be significantly reduced via runtime reconfiguration of the secret-sensitive parts of the circuitry.
In contrast to existing PR-based countermeasures, RandOhm deploys open-source bitstream manipulation tools to speed up the randomization and provide real-time protection.
arXiv Detail & Related papers (2024-01-17T02:22:28Z) - DynamiQS: Quantum Secure Authentication for Dynamic Charging of Electric Vehicles [61.394095512765304]
Dynamic Wireless Power Transfer (DWPT) is a novel technology that allows charging an electric vehicle while driving.
Recent advancements in quantum computing jeopardize classical public key cryptography.
We propose DynamiQS, the first post-quantum secure authentication protocol for dynamic wireless charging.
arXiv Detail & Related papers (2023-12-20T09:40:45Z) - On Borrowed Time -- Preventing Static Side-Channel Analysis [13.896152066919036]
adversaries exploit leakage or response behaviour of integrated circuits in a static state.<n>Members of this class include Static Power Side-Channel Analysis (SCA), Laser Logic State Imaging (LLSI) and Impedance Analysis (IA)
arXiv Detail & Related papers (2023-07-18T06:36:04Z) - Evil from Within: Machine Learning Backdoors through Hardware Trojans [51.81518799463544]
Backdoors pose a serious threat to machine learning, as they can compromise the integrity of security-critical systems, such as self-driving cars.<n>We introduce a backdoor attack that completely resides within a common hardware accelerator for machine learning.<n>We demonstrate the practical feasibility of our attack by implanting our hardware trojan into the Xilinx Vitis AI DPU.
arXiv Detail & Related papers (2023-04-17T16:24:48Z) - Neighbors From Hell: Voltage Attacks Against Deep Learning Accelerators
on Multi-Tenant FPGAs [13.531406531429335]
We evaluate the security of FPGA-based deep learning accelerators against voltage-based integrity attacks.
We show that aggressive clock gating, an effective power-saving technique, can also be a potential security threat in modern FPGAs.
We achieve 1.18-1.31x higher inference performance by over-clocking the DL accelerator without affecting its prediction accuracy.
arXiv Detail & Related papers (2020-12-14T03:59:08Z) - No Need to Know Physics: Resilience of Process-based Model-free Anomaly
Detection for Industrial Control Systems [95.54151664013011]
We present a novel framework to generate adversarial spoofing signals that violate physical properties of the system.
We analyze four anomaly detectors published at top security conferences.
arXiv Detail & Related papers (2020-12-07T11:02:44Z) - Attack of the Genes: Finding Keys and Parameters of Locked Analog ICs
Using Genetic Algorithm [3.0396374367054784]
We use algorithms based on evolutionary strategies to investigate the security of analog obfuscation/locking techniques.
We present a genetic algorithm (GA) approach which is capable of completely breaking a locked analog circuit.
We implement both a more naive satisfiability modulo theory (SMT)-based attack on common analog benchmark circuits obfuscated by combinational locking and parameter biasing.
arXiv Detail & Related papers (2020-03-31T01:38:00Z) - Hardware-Encoding Grid States in a Non-Reciprocal Superconducting
Circuit [62.997667081978825]
We present a circuit design composed of a non-reciprocal device and Josephson junctions whose ground space is doubly degenerate and the ground states are approximate codewords of the Gottesman-Kitaev-Preskill (GKP) code.
We find that the circuit is naturally protected against the common noise channels in superconducting circuits, such as charge and flux noise, implying that it can be used for passive quantum error correction.
arXiv Detail & Related papers (2020-02-18T16:45:09Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.