Side Channel Attacks
What in the world is a side channel attack?
In cryptography, a side channel attack accesses information about a secured system through the analysis of physical attributes of the system. This is in contrast to an attack through brute force or through supposed weaknesses in the algorithms securing a system.
For generations, people have sought ways to secure possessions, loved ones, and information, and since the very first lock, others have been looking for ways to break through it.
There was a time when all it took to break down a wooden door was a battering ram. Over time, doors got a little bigger and thicker and it took a few more swings or a little larger battering ram. While strong, wooden doors became obsolete as iron gates became impenetrable. This same progression can be seen when it comes to cryptography.
It used to be enough to hook up a decent computer to a terminal and let it crunch through permutations until it hit upon the right PIN or pass key, or to spoof the system into recognizing it as the administrator.
Increased security creates the need for increased strength to break through. But what happens when the security of the door is impenetrable?
That's where creativity and ingenuity come into play. Back to our besieged medieval town. The catapults used by the attackers were not powerful enough to brute force an iron gate, and the walls were too thick to break through, so it was time for a side channel attack.
At first, the catapults spread evenly along the wall to launch stones. The barrage continues until a crack is noticed in the wall. Then it's time to converge all those catapults on the weak spot, and that is one type of side channel attack. Other types include spying on the town gates, watching the vital merchandise flowing in and out, and watching the messengers between towns, to try to infer information about the activities inside the town.
In the world of cryptography, security has become increasingly sophisticated. For the strongest systems, brute force is simply no longer an option. In response, attackers have started to up their game. They now try to analyse the physical signs and attributes of a system to discover a way in. Here are four examples of side channel attacks:
Computational timing observes the transport of data into and out of a CPU or memory hardware. By measuring the variations in the time it takes to complete cryptographic operations, it is possible to discover pass keys.
It is possible to measure the power consumed by some systems. When graphed, the power consumption correlates with the operations being performed: the more power-intensive ones show a detectable repetition or identifiable marker that can reveal their correlation with the bits of secret information.
Instead of measuring the power used, this method analyses the electromagnetic radiation given off by a system. This information can be used to gain access to crypto keys or other information.
With fault injection, or fault analysis, a device's power is intentionally glitched or a bit in its memory is toggled with a laser beam. The effect of this injected fault is analyzed. Sometimes, the device yields the secure information.
Is there any possible defense against such attacks? Fortunately, the answer is yes.
Through the careful implementation of cryptographic algorithms, it is possible to reduce, or even eliminate, the data that side channel attacks could yield. In particular, efficient and optimised implementations of Elliptic Curve Cryptographic (ECC) algorithms, with resistance to side channel attacks built into the design, are an optimal choice for public key cryptosystems.
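The timing channel described above, and what a careful implementation changes, shown as an added example (not code from the original article). It counts loop iterations as a deterministic stand-in for elapsed time; the function names and the sample key are constructed for illustration.

```python
import hmac

SECRET = b"constructed-key!"  # constructed sample value, 16 bytes


def leaky_equal(secret: bytes, guess: bytes):
    """Early-exit comparison. Returns (equal, steps); steps model elapsed time."""
    steps = 0
    if len(secret) != len(guess):
        return False, steps
    for s, g in zip(secret, guess):
        steps += 1
        if s != g:  # stops at the first wrong byte: work depends on the secret
            return False, steps
    return True, steps


def constant_time_equal(secret: bytes, guess: bytes):
    """Full-length comparison. Differences are OR-ed together, never branched on."""
    steps = 0
    diff = len(secret) ^ len(guess)
    for i in range(len(secret)):
        steps += 1
        g = guess[i] if i < len(guess) else 0  # depends on length only
        diff |= secret[i] ^ g
    return diff == 0, steps


def leak_profile(compare, secret: bytes):
    """Steps used for guesses whose first k bytes are correct, k = 0..len(secret)."""
    profile = []
    for k in range(len(secret) + 1):
        # Constructed guess: k correct bytes, every remaining byte inverted.
        guess = secret[:k] + bytes(b ^ 0xFF for b in secret[k:])
        profile.append(compare(secret, guess)[1])
    return profile


if __name__ == "__main__":
    print("early exit   :", leak_profile(leaky_equal, SECRET))
    print("constant time:", leak_profile(constant_time_equal, SECRET))
    # In production Python code, use the standard library's comparison.
    print("hmac.compare_digest:", hmac.compare_digest(SECRET, SECRET))
```

A flat profile is the property to test for in a comparison routine: the early-exit version produces a different step count for each matching prefix length, while the full-length version does the same work for every guess.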
Think of an ECC operation that is resistant to side-channel attacks as the best poker player at a table: no eye twitch, no fidget, no itchy nose, no tell to tip off the other players as to what is in their hand; then, with swift moves, they win the game every time.
Side channel attacks are sneaky and difficult to protect against. When deciding how to make its next product secure when communicating with other system components, a business would be wise to research the security mechanism the product will employ and make sure that data is being protected, regardless of the direction of the next attack.