The Temperature Side Channel and Heating Fault Attacks

Hutter, Michael; Schmidt, Jörn-Marc

doi:10.1007/978-3-319-14123-7_15

Cited by 30 publications

(16 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Typically such fault-inducing environments are at the border of (or beyond) the specified operational range of the target device. Different environment manipulations have been investigated [26], such as: exposure to voltage and clock glitching [2,62], extreme temperatures [29] or laser/UV light [63].…”

Section: A Related Work On Software-based Fault Attacksmentioning

confidence: 99%

Plundervolt: Software-based Fault Injection Attacks against Intel SGX

Murdock

Oswald

Garcia

et al. 2020

2020 IEEE Symposium on Security and Privacy (SP)

229

112

View full text Add to dashboard Cite

Dynamic frequency and voltage scaling features have been introduced to manage ever-growing heat and power consumption in modern processors. Design restrictions ensure frequency and voltage are adjusted as a pair, based on the current load, because for each frequency there is only a certain voltage range where the processor can operate correctly. For this purpose, many processors (including the widespread Intel Core series) expose privileged software interfaces to dynamically regulate processor frequency and operating voltage. In this paper, we demonstrate that these privileged interfaces can be reliably exploited to undermine the system's security. We present the Plundervolt attack, in which a privileged software adversary abuses an undocumented Intel Core voltage scaling interface to corrupt the integrity of Intel SGX enclave computations. Plundervolt carefully controls the processor's supply voltage during an enclave computation, inducing predictable faults within the processor package. Consequently, even Intel SGX's memory encryption/authentication technology cannot protect against Plundervolt. In multiple case studies, we show how the induced faults in enclave computations can be leveraged in real-world attacks to recover keys from cryptographic algorithms (including the AES-NI instruction set extension) or to induce memory safety vulnerabilities into bug-free enclave code. We finally discuss why mitigating Plundervolt is not trivial, requiring trusted computing base recovery through microcode updates or hardware changes.

show abstract

Section: A Related Work On Software-based Fault Attacksmentioning

confidence: 99%

Plundervolt: Software-based Fault Injection Attacks against Intel SGX

Murdock

Oswald

Garcia

et al. 2020

2020 IEEE Symposium on Security and Privacy (SP)

229

112

View full text Add to dashboard Cite

show abstract

“…By observing the power consumption of a cryp tosystem, it is possible to deduce the key bits of RSA [19] or even to break the key [20]. Some other sidechannel impacts include timing delays [20], electromagnetic leaks [21], tempera ture [22], or radiation [21]. Quality inspection in IoT-based manufacturing can meas ure side-channel impacts as well, to determine if a manufac tur ing process deviates from its designed specifica tions.…”

Section: A Taxonomy Of Quality Inspection In Iot-based Manufactur mentioning

confidence: 99%

Taxonomies for Reasoning About Cyber-physical Attacks in IoT-based Manufacturing Systems

Pan¹,

White²,

Schmidt³

et al. 2017

IJIMAI

View full text Add to dashboard Cite

-The Internet of Things (IoT) has transformed many aspects of modern manufacturing, from design to production to quality inspection. In particular, IoT and digital manufacturing technol-ogies have substantially accelerated product developmentcycles and manufacturers can now create products of a complexity and precision not heretofore possible. However, new threats to supply chain security have arisen from connecting machines to the In-ternet and introducing complex IoT-based systems controlling manufacturing processes. By attacking these IoT-based manufacturing systems and tampering with digital files, attackers can manipulate physical characteristics of parts and change the dimensions, shapes, or mechanical properties of the parts, which can result in parts that fail in the field. These defects increase manufacturing costs and allow silent problems to occur only under certain loads that can threaten safety and/or lives. To understand potential dangers and protect manufacturing system integrity, this paper presents two taxonomies: one for classifying cyber-physical attacks against manufacturing processes and another for quality inspection measures for counteracting these attacks. We systematically identify and classify possible cyberphysical attacks and connect the attacks with variations in manufacturing processes and quality inspection measures. Our taxonomies also provide a scheme for linking emerging IoT-based manufacturing system vulnerabilities to possible attacks and quality inspection measures.

show abstract

“…Such mobile devices have to face hostile security threats [4]- [7] such as physical, logical/software-based and side-channel/lateral attacks. Amongst these, side-channel attack [4]- [6] is a popular security threat due to ease of access to the physical hardware where attacks are performed by observing the properties and behavior of the system such as power consumption, thermal dissipation, electromagnetic emission, etc.…”

Section: Introductionmentioning

confidence: 99%

“…Comparatively a lot less documented studies are performed in temperature (thermal) based side channel attacks [4]- [6] in mobile edge devices. Most of these mobile devices come equipped with heterogeneous multi-processors systemson-chip (MPSoC), which consists of multiple heterogeneous processors on a single chip, capable of processing different types of applications to cater for performance and energyefficiency of the executing applications.…”

Section: Introductionmentioning

confidence: 99%

“…Most of these mobile devices come equipped with heterogeneous multi-processors systemson-chip (MPSoC), which consists of multiple heterogeneous processors on a single chip, capable of processing different types of applications to cater for performance and energyefficiency of the executing applications. Due to an increase in the usage of MPSoCs [2], [8]- [13] in mobile edge devices and a rise in studies on thermal side channel attacks [6], [14], [15], it is crucial that side channel attacks in such platform should be addressed with utmost importance [15].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

ThermalAttackNet: Are CNNs Making It Easy To Perform Temperature Side-Channel Attack In Mobile Edge Devices?

Dey¹,

Kumar²,

McDonald-Maier³

2020

Preprint

View full text Add to dashboard Cite

<div><div><div><p>Side-channel attacks remain a challenge to information flow control and security in mobile edge devices till this date. One such important security flaw could be exploited through temperature side-channel attacks, where heat dissipation and propagation from the processing cores are observed over time in order to deduce security flaws. In this brief, we study how computer vision based convolutional neural networks (CNNs) could be used to exploit temperature (thermal) side-channel attack on different Linux governors in mobile edge device utilizing multi- processor system-on-chip (MPSoC). We also designed a power- and memory-efficient CNN model that is capable of performing thermal side-channel attack on the MPSoC and can be used by industry practitioners and academics as a benchmark to design methodologies to secure against such an attack in MPSoC.</p></div></div></div>

show abstract

The Temperature Side Channel and Heating Fault Attacks

Cited by 30 publications

References 26 publications

Plundervolt: Software-based Fault Injection Attacks against Intel SGX

Plundervolt: Software-based Fault Injection Attacks against Intel SGX

Taxonomies for Reasoning About Cyber-physical Attacks in IoT-based Manufacturing Systems

ThermalAttackNet: Are CNNs Making It Easy To Perform Temperature Side-Channel Attack In Mobile Edge Devices?

Contact Info

Product

Resources

About