Constructive use of side-channels
Side-channel attacks, such as differential power analysis attacks, have been studied for 10 years in the open literature. Side-channel attacks are still one of the main security threats to real-world applications. In this talk we will look at side-channels from a new perspective. Instead of seeing side-channels as an undesired "natural" phenomenon and a threat to security, we will look at the constructive use of side-channels. At CHES 09, the idea of building hardware Trojans using side-channels was first introduced. The idea behind them is that a covert and encrypted communication channel can be established. This can be achieved by transmitting the information below the noise level of the target device, e.g. through the power consumption. The information can only be revealed with the knowledge of a secret, e.g., details of the modulation scheme. Thus, our new Trojan side-channels form a type of physical encryption. (In fact, they are somewhat related to kleptography, as proposed by Young and Yung in the late 1990s.) The advantages of using Trojan side-channels via the power consumption are that (1) communication is hidden and encrypted, (2) no additional I/O periphery is needed and (3) they can be implemented using only a few additional gates. As an example application for the constructive use of such a hidden communication channel we show how an authentication mechanism for integrated circuits can be built using side-channels. Such an authentication mechanism can be used, for example, to efficiently identify counterfeit products or malicious devices. In contrast to mechanisms such as physical unclonable functions (PUFs) or RFID-based solutions, Trojan side-channels are not visible to anybody who is not in possession of the details of the communication channel. This talk describes joint work with Markus Kasper and Christof Paar.
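The following simulation illustrates the authentication idea sketched above: a device emits a few bits of identity far below the noise level of its power consumption, and only a verifier holding the secret can recover them. It is an added example written for this page, not code from the talk or its authors. The concrete modulation is an assumption: each bit is spread over a long sequence of +/-1 chips derived from the secret with a PRNG, and the verifier correlates the trace against that same sequence. The secret, the device ID, the noise model and all parameters are constructed for the demonstration.

```python
"""Simulation of a Trojan side-channel used constructively for IC
authentication (added example; the spread-spectrum modulation and every
parameter below are assumptions, not the scheme presented in the talk)."""
import hashlib
import random

CHIPS_PER_BIT = 4096      # spreading factor: samples used to carry one bit
CHIP_AMPLITUDE = 0.15     # per-sample signal, well below the noise level
NOISE_SIGMA = 1.0         # std. dev. of the "natural" power-consumption noise
BASELINE = 5.0            # nominal power draw of the device (constructed)
SECRET = b"example-shared-secret (constructed)"   # known to device and verifier
DEVICE_ID = [1, 0, 1, 1, 0, 0, 1, 0]              # constructed 8-bit identity


def spreading_sequence(secret: bytes, n_chips: int) -> list:
    """Derive a +/-1 chip sequence from the shared secret.

    The secret seeds a PRNG, so without it the chip pattern is unpredictable
    and the embedded signal is indistinguishable from noise (assumed design)."""
    seed = int.from_bytes(hashlib.sha256(secret).digest()[:8], "big")
    rng = random.Random(seed)
    return [1 if rng.random() < 0.5 else -1 for _ in range(n_chips)]


def clean_trace(n_samples: int, noise_seed: int) -> list:
    """Model a device without the Trojan: baseline plus Gaussian noise."""
    rng = random.Random(noise_seed)
    return [BASELINE + rng.gauss(0.0, NOISE_SIGMA) for _ in range(n_samples)]


def embed(message_bits: list, secret: bytes, noise_seed: int) -> list:
    """Model a device with the Trojan: the clean trace plus the secret-modulated
    signal, one spread bit after another (+1 chips for a 1, -1 chips for a 0)."""
    trace = clean_trace(CHIPS_PER_BIT * len(message_bits), noise_seed)
    chips = spreading_sequence(secret, len(trace))
    for i, bit in enumerate(message_bits):
        sign = 1 if bit else -1
        for j in range(i * CHIPS_PER_BIT, (i + 1) * CHIPS_PER_BIT):
            trace[j] += CHIP_AMPLITUDE * sign * chips[j]
    return trace


def despread(trace: list, secret: bytes, n_bits: int):
    """Model the verifier: correlate the trace with the secret chip sequence.

    Returns (decoded_bits, scores). A score is the correlation divided by the
    std. dev. expected with no signal present, so |score| is about 1 for a
    wrong secret and about CHIP_AMPLITUDE*sqrt(CHIPS_PER_BIT)/NOISE_SIGMA
    (9.6 with the constants above) for the right one."""
    chips = spreading_sequence(secret, CHIPS_PER_BIT * n_bits)
    mean = sum(trace) / len(trace)            # remove the DC baseline
    bits, scores = [], []
    for i in range(n_bits):
        lo, hi = i * CHIPS_PER_BIT, (i + 1) * CHIPS_PER_BIT
        corr = sum((s - mean) * c for s, c in zip(trace[lo:hi], chips[lo:hi]))
        scores.append(corr / (NOISE_SIGMA * CHIPS_PER_BIT ** 0.5))
        bits.append(1 if corr > 0 else 0)
    return bits, scores


def authenticate(trace: list, secret: bytes, expected_bits: list,
                 threshold: float = 3.0) -> bool:
    """Accept the device only if the expected ID decodes with a clear margin
    on every bit; a wrong secret or a Trojan-free device fails both tests."""
    bits, scores = despread(trace, secret, len(expected_bits))
    return bits == expected_bits and min(abs(s) for s in scores) > threshold


def sample_variance(trace: list) -> float:
    """Variance of the trace; the hidden signal adds only CHIP_AMPLITUDE**2
    to the noise variance, which is why it is hard to spot without the key."""
    mean = sum(trace) / len(trace)
    return sum((s - mean) ** 2 for s in trace) / (len(trace) - 1)


if __name__ == "__main__":
    trace = embed(DEVICE_ID, SECRET, noise_seed=1234)
    print("variance of trace:", round(sample_variance(trace), 3))
    print("right secret:", despread(trace, SECRET, len(DEVICE_ID)))
    print("wrong secret:", despread(trace, b"wrong", len(DEVICE_ID)))
    print("authenticated:", authenticate(trace, SECRET, DEVICE_ID))
```

Running the script shows the point of the construction: the trace variance stays at about the noise level, the verifier with the right secret sees every bit at roughly 9.6 noise standard deviations, and the verifier with a wrong secret sees scores scattered around zero. A longer spreading factor buys margin at the cost of a longer trace; the same trade-off governs how many bits a real device could transmit per measurement.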