Embedded Files
You must be using smartcards and smartphones, smart-cars or some IoT device. Most of them are running some crypto within, and you think yourself fine depending on the beautiful cryptographic algorithms . However, the reality is a bit different as your devices can still be hacked quite easily using a special attack strategy. For example, you can just send your car for repair and somebody might hack it completely. As an use case, the famous researcher Adi Shamir (the ``S'' of RSA, father of secret sharing and differential cryptanalysis) have shown that a complete smart city can be digitally hijacked with an attack strategy I just mentioned.
What lies beneath is power/electromagnetic side-channel attack. Due to the physics of CMOS devices, the power consumption/EM radiation from each computing device becomes correlated with the data it processes. Exploiting this correlation, one can extract the secrets from cryptographic algorithms. Indeed you require some kind of physical proximity to the attack device , but that is quite common in our modern connected world.
Research in side-channel analysis has come a long way, and the countermeasures are quite well-understood at the theoretical level. The most common from of countermeasure is called masking, which is an adaptation of secret-sharing. However, from practical side, we are still lacking as a theoritically sound countermeasure might not always translate to a practically sound countermeasure. Therefore, sound automated checks at every level of hardware/software design flow is needed, which is quite challenging and requires significant research effort from the community. From the cryptography side, new attack techniques, especially on recently proposed Post-Quantum algorithms are extremely interesting.
Page updated
Google Sites
Report abuse