The term "ultra-paranoid computing" has been used as a playful yet serious way to describe overly cautious approaches to cybersecurity that seem paranoid to some security practitioners. However, to others, all potential attack vectors must be rigorously tested in order to gain high security assurances. This may include, for example, not only encrypting data but also using multiple layers of encryption, implementing redundant verification checks or highly restrictive access controls, even in contexts where such extensive measures might be considered overkill.
As it turns out, there are some extremely obscure ways to compromise computer systems. Rowhammer attacks use repeated memory accesses to modify memory contents, potentially handing system privileges to an attacker. Side-channel attacks have been conducted to extract keystroke data from audio samples and to exfiltrate data from air-gapped systems, and deepfake AI has many questioning everything we see and hear online.
Cryptographic keys are one of the most sensitive pieces of information in the realm of cybersecurity. They may represent authentication credentials to critical systems, or a means of encrypting data to maintain confidentiality of sensitive information - or both. Although cryptographic enclaves are designed to protect against many forms of side channel attacks designed to steal cryptographic secrets, it turns out there are other practical methods to steal cryptographic keys from computer system architecture while it is conducting cryptographic processes.
In this article we look at a security testing device, the "ChipWhisperer": how it conducts fault injection attacks (aka glitching attacks) and collects power analysis data in order to determine whether a particular cryptographic algorithm can effectively protect the underlying key, or whether information leakage is enough for potential attackers to capture and steal cryptographic secrets.
ChipWhisperer is an open-source hardware and software platform produced and sold by NewAE Technology Inc. designed for embedded hardware security research, particularly focusing on side-channel analysis such as power analysis [CWE-1256] and fault injection attacks [CWE-1384] (aka glitching attacks).
The ChipWhisperer is primarily used for evaluating and testing the security of integrated circuits, such as microcontrollers and other embedded devices. ChipWhisperer is a valuable tool for security researchers, hardware engineers, and enthusiasts interested in understanding and improving the security of embedded systems. Also, its open-source nature fosters collaboration and innovation within the hardware security community.
The platform provides tools for capturing and analyzing the electromagnetic emissions, power consumption, and other side channel signals emitted by a target device during its operation. By analyzing these signals, researchers can identify vulnerabilities and potential security weaknesses in the device's implementation, such as leaking cryptographic keys through power analysis attacks.
ChipWhisperer also supports fault injection (aka glitching) techniques, which involve deliberately inducing faults in the target device's operation to exploit potential vulnerabilities. This can help researchers assess the robustness of the device against physical attacks. The ChipWhisperer's primary focus remains on power glitching attacks for side-channel analysis and fault injection purposes.
Several kits are available, ranging from about $250 for analysis on XMEGA 8-bit architecture to $3800 USD for a Pro Kit with advanced capture hardware and analog waveform triggering for glitching attacks on XMEGA 8-bit and STM32F3 32-bit targets.
Fault injection attacks (also known as glitching attacks) exploit vulnerabilities in electronic devices by deliberately inducing faults in their operation while simultaneously monitoring side-channel information. These attacks involve deliberately injecting voltage spikes, electromagnetic interference (EMI), timing perturbations, or other disruptive environmental inputs during the device's operation at specific points in time to disrupt its normal functionality. Glitching attacks can be used to bypass security mechanisms, extract sensitive information, or gain unauthorized access to a device.
Glitching attacks can be particularly potent because they exploit weaknesses at a physical level, where traditional cryptographic defenses may not be effective. These attacks often require specialized equipment and expertise but can be highly effective in extracting sensitive information from secure devices. As a result, they are of significant concern in the field of embedded systems security, particularly for devices used in applications where protecting sensitive data is critical, such as smart cards, payment terminals, IoT devices, and cryptographic modules.
The ChipWhisperer is specially designed for power glitching attacks for side-channel analysis and fault injection, and not explicitly designed for other types of fault injection attacks. However, here is a list of some other types of fault injection attacks that may be effective for exploiting devices:
Electromagnetic Fault Injection (EMFI): EMFI [CWE-1319] involves injecting electromagnetic pulses into a target device to induce faults in its operation. By exploiting vulnerabilities in the device's susceptibility to electromagnetic interference, attackers can disrupt its functionality and potentially compromise its security. For example, EMFI may be used to disrupt surveillance camera operations or cause door locks to fail-open if not configured properly.
Clock Fault Injection (CFI): CFI attacks exploit vulnerabilities in the clocking mechanisms of a target device by injecting timing glitches or fluctuations. By manipulating the device's clock signals, attackers can disrupt its timing synchronization and cause errors or faults in its operation.
Temperature Fault Injection (TFI): TFI attacks involve manipulating the temperature of the target device to induce faults in its operation. By subjecting the device to extreme temperatures or rapid temperature changes, attackers can cause physical degradation or malfunction, leading to security vulnerabilities.
Optical Fault Injection (OFI): OFI attacks use laser or light pulses to induce faults in the target device's operation. By targeting vulnerable components such as transistors or memory cells, attackers can disrupt the device's functionality and potentially compromise its security.
Power analysis side-channel attacks (PA-SCA) are a type of side-channel attack that focuses on analyzing the power consumption patterns of a cryptographic device during operation in order to reveal the cryptographic key itself. These attacks exploit the correlation between the power consumption of the device and the data being processed, and pose a significant threat, particularly in embedded systems where power consumption can be measured relatively easily. The most commonly used, peer-reviewed encryption algorithms such as RSA and AES have been proven vulnerable to PA-SCA. Countermeasures against these attacks include techniques such as algorithmic or implementation-level countermeasures, randomization, masking, and shuffling to obscure the correlation between power consumption and sensitive data.
Power analysis side channel attacks can be further categorized into two main types:
Simple Power Analysis (SPA): Attackers analyze power traces from a single execution of the cryptographic algorithm. They look for direct correlations between power consumption variations and specific operations or data values processed by the algorithm.
Differential Power Analysis (DPA): DPA attacks are more sophisticated and powerful than SPA attacks. In DPA, attackers analyze multiple power traces corresponding to different sets of plaintext inputs. By statistically correlating the power consumption variations with the plaintexts and the cryptographic operations, attackers can extract sensitive information such as cryptographic keys even in the presence of noise.
Correlation Power Analysis (CPA): A refined form of Differential Power Analysis (DPA) that employs statistical techniques to find correlations between the power consumption data and the hypothetical power consumption based on various guesses of the key bits. CPA focuses on using the Pearson correlation coefficient to statistically analyze the relationship between the measured power traces and the predicted power traces based on different key hypotheses.
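As an added illustration (not code from ChipWhisperer or from the original article), the simulation below applies the CPA statistic the way a defender would when assessing leakage: it scores constructed Hamming-weight traces of an AES S-box lookup with the Pearson coefficient, first unprotected and then with the masking countermeasure mentioned above. The leakage model, noise level, key byte `0x2B` and all function names are assumptions chosen for the example.

```python
import random

def build_aes_sbox():
    """AES S-box: multiplicative inverse in GF(2^8), then the affine map."""
    rotl = lambda v, s: ((v << s) | (v >> (8 - s))) & 0xFF
    sbox, p, q = [0] * 256, 1, 1
    while True:
        p = (p ^ (p << 1) ^ (0x1B if p & 0x80 else 0)) & 0xFF  # p = p * 3
        q ^= q << 1
        q ^= q << 2
        q = (q ^ (q << 4)) & 0xFF                              # q = q / 3
        q ^= 0x09 if q & 0x80 else 0
        sbox[p] = q ^ rotl(q, 1) ^ rotl(q, 2) ^ rotl(q, 3) ^ rotl(q, 4) ^ 0x63
        if p == 1:
            break
    sbox[0] = 0x63  # zero has no inverse
    return sbox

SBOX = build_aes_sbox()
HW = [bin(v).count("1") for v in range(256)]  # Hamming-weight leakage model

def pearson(xs, ys):
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    var = sum((x - mx) ** 2 for x in xs) * sum((y - my) ** 2 for y in ys)
    return cov / var ** 0.5 if var else 0.0

def simulate(key_byte, n, masked, seed=1):
    """Constructed traces: one noisy power sample per S-box lookup."""
    rng, pts, samples = random.Random(seed), [], []
    for _ in range(n):
        p = rng.randrange(256)
        v = SBOX[p ^ key_byte]
        if masked:
            v ^= rng.randrange(256)  # device only ever handles v XOR fresh mask
        pts.append(p)
        samples.append(HW[v] + rng.gauss(0, 1.0))
    return pts, samples

def leakage_test(key_byte, n=2000, masked=False):
    """Return (best-correlated key guess, |r| for the true key)."""
    pts, samples = simulate(key_byte, n, masked)
    score = lambda g: abs(pearson([HW[SBOX[p ^ g]] for p in pts], samples))
    scores = [score(g) for g in range(256)]
    return scores.index(max(scores)), scores[key_byte]

if __name__ == "__main__":
    print(leakage_test(0x2B), leakage_test(0x2B, masked=True))
```

The masked run models a single first-order sample only; an evaluation of real hardware would also check for higher-order leakage.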
ChipWhisperer is an open-source platform, empowering researchers and enthusiasts to learn about embedded hardware security and actively perform side channel power analysis attacks and fault injection attacks (aka glitching attacks). ChipWhisperer offers a comprehensive suite of tools for scrutinizing the vulnerabilities of integrated circuits. With its ability to capture and analyze electromagnetic emissions, power consumption, and other side-channel signals, ChipWhisperer facilitates the identification of potential security weaknesses in various embedded devices, bolstering the resilience of systems against physical and cyber threats.
Through its open-source nature, ChipWhisperer not only fosters collaboration and innovation within the hardware security community but also serves as a beacon of accessibility, democratizing the pursuit of robust embedded system security.
© 2024 Packetlabs. All rights reserved.