How to alert and protect against voltage side-channel attacks
In recent years there has been an increase in the number of side-channel attacks (SCAs), as hackers are using new tactics to take advantage of security vulnerabilities.
By Chris Morrison, Director of Product Marketing, Agile Analog
It’s important to be aware of the range of applications that are at risk and what counter-measure solutions are available. This article focuses on physical voltage side-channel attacks, which use glitching techniques to exploit variations in the power supply voltage to extract sensitive information from a target device.
Applications
In order to understand these attacks and learn how to be protected against them, let’s look at a few example applications.
Security camera
If a security camera is intercepted, it can be vulnerable to a voltage side-channel attack. The boot-signing sequence can be by-passed, the system re-set, and then re-flashed with unauthorised firmware. This enables a hacker to view the video and audio stream content, and then blackmail the owner. With a solution like a voltage glitch detector the system can detect voltage glitch incidents, then prevent any unauthorised activity.
Satellite TV receiver
It is possible to remove Digital Rights Management (DRM) from films broadcast over a satellite channel, by installing a voltage glitcher on a HDMI controller supply to a satellite receiver with a valid subscription. The hacker is able to reset the HDMI output to be non-HDCP validated, and decrypted HD content is streamed out to a non-secure device. This device then re-encodes the content without protection. A voltage glitch detector can discover the voltage glitching and stop this.
IoT security device
There have been cases when an IoT security device like a wireless door lock has been accessed, then a voltage glitching technique used to enter the debug mode of the device to read all the authorised keys for the lock. However, if a voltage glitch detector is embedded, the IoT security device identifies and records the voltage glitch, sends an alert, confirming the date and time to help find the perpetrator.
Hotel electronic safe
For an intruder to test all combinations of a key code before the hotel safe lockout timer is triggered, the power supply can be glitched to prevent the failed attempts being recorded. A voltage monitor would see that the power supply is being glitched and highlight that suspicious power resets are occurring.
USB key
There can be a problem when a user keeps their crypto e-wallet keys on a USB key and then loses the USB key. A hacker can use a voltage glitching technique to by-pass the password check by timing a glitch to coincide with a password check test. A voltage glitch detector can detect the power supply being glitched, and then can wipe the contents of the USB key, preventing access to sensitive information.
Solutions
Side-channel attacks are increasing in frequency and complexity. It is fortunate that there are new counter-measure solutions available that can help to offer protection against a variety of different security vulnerabilities.
Agile Analog has created agileVGLITCH – a configurable voltage glitch detector IP that can be incorporated into a System-on-Chip (SoC) design. This IP, alongside Agile Analog's temperature glitch detector and clock attack monitor IPs, can check vital parameters like voltage, temperature, and clock for any changes that might indicate an attack on the chip, such as supply voltage fluctuations or power supply manipulation. If these occur, an alert is raised.
In today’s challenging security environment one thing is clear – preventive action is crucial.