Seguridad mejorada para dispositivos inteligentes para protegerlos de manera efectiva contra poderosos ataques de piratas informáticos

Los ingenieros del MIT han demostrado que los convertidores de analógico a digital en dispositivos inteligentes son vulnerables a los ataques eléctricos y electromagnéticos de canal lateral que los piratas informáticos utilizan para «escuchar» los dispositivos y robar información secreta. Han desarrollado dos estrategias de seguridad que bloquean de manera eficiente y efectiva ambos tipos de ataques. Crédito: Noticias del MIT

Los ingenieros demuestran dos métodos de seguridad que protegen eficazmente a los convertidores de analógico a digital contra poderosos ataques destinados a robar datos de los usuarios.

Los investigadores están compitiendo contra los piratas informáticos para desarrollar protecciones más sólidas que protejan los datos de agentes maliciosos que robarían información al espiar dispositivos inteligentes.

Gran parte del esfuerzo para prevenir estos «ataques de canal lateral» se ha centrado en la vulnerabilidad de los procesadores digitales. Los piratas informáticos, por ejemplo, pueden medir la corriente eléctrica consumida por el procesador de un reloj inteligente y usarla para reconstruir los datos secretos que se procesan, como una contraseña.

Security Schemes That Protect ADC

MIT researchers developed two security schemes that protect analog-to-digital converters (ADC) from power and electromagnetic side-channel attacks using randomization. On the left is a micrograph of an ADC that randomly splits the analog-to-digital conversion process into groups of unit increments and switches them at different times. On the right is a micrograph of an ADC that splits the chip into two halves, enabling it to select two random starting points for the conversion process while speeding up the conversion. Credit: Courtesy of the researchers

A noninvasive attack

To conduct a power side-channel attack, a malicious agent typically solders a resistor onto the device’s circuit board to measure its power usage. But an electromagnetic side-channel attack is noninvasive; the agent uses an electromagnetic probe that can monitor electric current without touching the device.

The researchers showed that an electromagnetic side-channel attack was just as effective as a power side-channel attack on an analog-to-digital converter, even when the probe was held 1 centimeter away from the chip. A hacker could use this attack to steal private data from an implantable medical device.

To thwart these attacks, the researchers added randomization to the ADC conversion process.

An ADC takes an unknown input voltage, perhaps from a biometric sensor, and converts it to a digital value. To do this, a common type of ADC sets a threshold in the center of its voltage range and uses a circuit called a comparator to compare the input voltage to the threshold. If the comparator decides the input is larger, the ADC sets a new threshold in the top half of the range and runs the comparator again.

This process continues until the unknown range becomes so small it can assign a digital value to the input.

The ADC typically sets thresholds using capacitors, which draw different amounts of electric current when they switch. An attacker can monitor the power supplies and use them to train a machine-learning model that reconstructs output data with surprising accuracy.

Randomizing the process

To prevent this, Ashok and her collaborators used a random number generator to decide when each capacitor switches. This randomization makes it much harder for an attacker to correlate power supplies with output data. Their technique also keeps the comparator running constantly, which prevents an attacker from determining when each stage of the conversion began and ended.

“The idea is to split up what would normally be a binary search process into smaller chunks where it becomes difficult to know what stage in the binary search process you are on. By introducing some randomness into the conversion, the leakage is independent from what the individual operations are,” Ashok explains.

Chen and his collaborators developed an ADC that randomizes the starting point of the conversion process. This method uses two comparators and an algorithm to randomly set two thresholds instead of one, so there are millions of possible ways an ADC could arrive at a digital output. This makes it nearly impossible for an attacker to correlate a power supply waveform to a digital output.

Using two thresholds and splitting the chip into two halves not only allows random starting points, but it also removes any speed penalty, which enables it to run almost as fast as a standard ADC.

Both methods are resilient against power and electromagnetic side-channel attacks without hurting the performance of the ADC. Ashok’s method only required 14 percent more chip area, while Chen’s did not require any additional area. Both use much less power than other secure ADCs.

Each technique is tailored for a specific use. The scheme Ashok developed is simple, which makes it well-suited for low-power applications like smart devices. Chen’s technique, which is more complex, is designed for high-speed applications like video processing.

“For the past half-century of ADC research, people have focused on improving the power, performance, or area of the circuit. We’ve shown that it is also extremely important to consider the security side of ADCs. We have new dimensions for designers to consider,” Chen says.

Now that they have shown the effectiveness of these methods, the researchers plan to use them to develop detection-driven chips. In these chips, protection would only turn on when the chip detects a side-channel attack, which could boost energy efficiency while maintaining security.

“To create secure low-power edge-devices, it is necessary to optimize every single component of the system. The notion of secure analog and mixed-signal circuits is a relatively new and important research direction. Our research shows it is possible to essentially with high accuracy infer the data at the output of analog-to-digital converters by leveraging advances in machine learning and fine-grained measurement techniques,” Chandrakasan says. “Through optimized circuit methods such optimizing switching schemes, it is possible to create power and EM side-channel secure circuits, enabling fully secure systems. This is going to be critical in applications such as health care, where data privacy is critical.”


“S2ADC: A 12-bit, 1.25-MS/s Secure SAR ADC With Power Side-Channel Attack Resistance” by Taehoon Jeong, Anantha P. Chandrakasan and Hae-Seung Lee, 13 October 2020, IEEE Journal of Solid-State Circuits.
DOI: 10.1109/JSSC.2020.3027806

“Randomized Switching SAR (RS-SAR) ADC Protections for Power and Electromagnetic Side Channel Security” by Maitreyi Ashok, Edlyn V. Levine and Anantha P. Chandrakasan, 18 May 2022, 2022 IEEE Custom Integrated Circuits Conference (CICC).
DOI: 10.1109/CICC53496.2022.9772837

The research is funded, in part, by the MITRE Innovation Program, the National Science Foundation Graduate Research Fellowship Program, the MathWorks Engineering Fellowship, the Defense Advanced Research Protection Agency, the Office of Naval Research, Analog Devices, and the MIT Center for Integrated Circuits and Systems. The prototype chips were fabricated through the TSMC University Shuttle Program.

Artículos Recientes

Post Relacionados

Leave A Reply

Por favor ingrese su comentario!
Por favor ingrese su nombre aquí