Research in Side-Channel Security of Embedded Systems

Security is crucial for today's portable devices including PDAs, cellphones, etc. For example, some PDAs or cell phones are internet enabled and contain creditcard information, others used in the healthcare industry contain confidential health information, and still other PDAs provide access to private corporate networks. In all these cases if the PDA is lost, it must be secure: specifically it must prevent unauthorized users from breaking into the PDA or obtaining any valuable information from the PDA. Even if the PDA is not lost, it may still be possible to obtain valuable information from the EM waves being radiated from the device while it is in use. One of the greatest feared attacks on smartcards arose in the late 90's when it was shown that the secret key could be determined by measuring the power (highly correlated with EM waves) drawn by the smartcard processor. This is known as a power analysis attack. Since then much research has concentrated on enhancing smartcard security. PDAs and other portable devices typically are more complex than smartcards and have received little attention. Additionally, many embedded devices, including PDAs, must be energy efficient in order to maintain long battery lifetimes. This research studies low energy countermeasures for power/EM analysis attacks in PDAs and other embedded devices. The security of various embedded systems is analyzed and designed to ensure that secret keys/data are not exposed through the side channel, malicious code or tampering.

Software-based, architecture-based, and VLSI-based countermeasures to thwart side channel attacks in wireless embedded systems are researched. A side channel analysis laboratory supports the verification of countermeasures and development of new attacks through real measurement of electromagnetic emissions and power. Some photos of the security lab are shown below.

Fig 1. Capturing EM emissions from a real embedded system

Fig. 2 The scope with an EM emission capture

Fig 3 An evaluation board used to monitor both EM emissions and power consumption