Skip to main content

Side-channel attack


A side-channel attack (SCA) is a security exploit that involves collecting information about what a computing device does when it is performing cryptographic operations and using that information to reverse engineer the device's cryptography system. In computing, a side channel is any communication channel that is incidental to another communication channel. Security researcher Paul Kocher is credited with coining the term side-channel attack in the 1990s when he discovered it was possible to reverse engineer security tokens by monitoring a computer's power consumption and electromagnetic emissions.
Unlike many other types of security exploits, side-channel attacks are hardware and software agnostic. Instead of targeting a software vulnerability caused by a coding error or configuration drift, the attacker exploits the way the device's operating system (OS) accesses the hardware upon which the OS runs. Side-channel attacks can be launched against any operating system, including Windows and Linux.

Types of Side-Channel Attacks

Side-channel attacks work by monitoring the emissions produced by electronic circuits when the victim's computer is being used. In addition to exploiting information about power consumption and electromagnetic fields, an attacker may actually listen to the sounds a central processing unit (CPU) produces and use that information to reverse engineer what the computer is doing. This type of side-channel attack is called an acoustic cryptanalysis attack. Other types of side-channel attack include:

  • Cache attacks that exploit how and when cache is accessed in a physical system.
  • Differential fault analysis attacks that seek to glean information from a system by introducing faults into the system's computations. 
  • Timing attacks that track the movement of data to and from a system's CPU and memory.
  • Thermal-imaging attacks that use infrared images to observe the surface of a CPU chip and collect executed code.
  • Optical side-channel attacks that collect information about hard disk activity by using an audio/visual recorder, such as a video camera.
  • Van Eck phreaking is a form of eavesdropping that involves monitoring the electromagnetic fields produced by data as it moves through the computer.


How to Prevent Side-Channel Attacks

To prevent side-channel attacks, users have two choices: they must either reduce the release of electromagnetic information that could be used to launch an attack or they must make it impossible for an attacker to link information about what the CPU is doing with specific compute operations. For example, a computer engineer may want to change the order of operations used on data within the system by using a process called randomization to make it more difficult for an attacker to launch a side-channel attack.

Another preventative technique an engineer may use is to increase the amount of noise in a channel. An increase in noise means an attacker will have to collect more measurements than is needed and not all the information will be relevant. Faraday cages can also be used to reduce electromagnetic leaks.


Comments

Popular posts from this blog

Ghosting

Ghosting is to cease communications without notification. The use of the word "ghost" as a verb originated in social media in reference to dating, but the term is now used by employers to describe employees and potential employees who suddenly disappear. Typically, ghosting is used to describe: Job candidates who suddenly stop responding to messages. New hires who fail to show up for their first day of work. Employees who do not show up for a shift. Employees who leave work in the middle of the day and never come back. Some analysts blame ghosting on millennial entitlement. The reasoning is that members of the millennial generation have been brought up to feel they are special -- so special, in fact, that they do not need to follow conventional rules of behavior. Other analysts, however, maintain that ghosting behavior stems from changes in the job market and the phenomenon is simply a reflection of the laws of supply and demand in a healthy jo...

Data deduplication

Data deduplication -- often called intelligent compression or single-instance storage -- is a process that eliminates redundant copies of data and reduces storage overhead. Data deduplication techniques ensure that only one unique instance of data is retained on storage media, such as disk, flash or tape. Redundant data blocks are replaced with a pointer to the unique data copy. In that way, data deduplication closely aligns with incremental backup, which copies only the data that has changed since the previous backup. For example, a typical email system might contain 100 instances of the same 1 megabyte (MB) file attachment. If the email platform is backed up or archived, all 100 instances are saved, requiring 100 MB of storage space. With data deduplication, only one instance of the attachment is stored; each subsequent instance is referenced back to the one saved copy. In this example, a 100 MB storage demand drops to 1 MB. Target vs. source deduplication Data deduplica...

A Graphics Processing Unit (GPU)

A graphics processing unit (GPU) is a computer chip that performs rapid mathematical calculations, primarily for the purpose of rendering images. A GPU may be found integrated with a central processing unit (CPU) on the same circuit, on a graphics card or in the motherboard of a personal computer or server. In the early days of computing, the CPU performed these calculations. As more graphics-intensive applications such as AutoCAD were developed; however, their demands put strain on the CPU and degraded performance. GPUs came about as a way to offload those tasks from CPUs, freeing up their processing power. NVIDIA, AMD, Intel and ARM are some of the major players in the GPU market. GPU vs. CPU A graphics processing unit is able to render images more quickly than a central processing unit because of its parallel processing architecture, which allows it to perform multiple calculations at the same time. A single CPU does not have this capability, although multi...