Abstract
In this paper, a new concept of a low cost, Low Area Probing Detector (LAPD) is presented. Probing or microprobing is an attack technique against integrated circuits implementing security functions, such as OTP tokens or smartcards. It allows intercepting secrets from on-chip wires as well as injecting faults for other attacks. Microprobing is invasive as classified by Skorobogatov in 2005 and requires opening the microchip package as well as removing the passivation layer. While it may sound complicated and expensive, Maier and Nohl showed in 2012 that microprobing is feasible for low-budget adversaries. However, existing protection techniques against microprobing, such as active shields, redundancy of core components, or analog detection circuits containing large capacitors, are still expensive.
The LAPD provides low-cost protection against microprobing. It measures minimal timing differences between on-chip wires caused by the capacitive load of microprobes. As a novelty, it is merely based on digital components and does not require analog circuitry, which reduces the required area and process steps compared to previous approaches.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Anderson, R., Bond, M., Clulow, J., Skorobogatov, S.: Cryptographic processors-a survey. Proc. IEEE 94(2), 357–369 (2006)
Balankutty, A., Chih, T.C., Chen, C.Y., Kinget, P.: Mismatch characterization of ring oscillators. In: Custom Integrated Circuits Conference, CICC ’07, pp. 515–518. IEEE (2007)
Bowman, K.A., Austin, B.L., Eble, J.C., Tang, X., Meindl, J.D.: A physical alpha-power law MOSFET model. In: Proceedings of the 1999 International Symposium on Low Power Electronics and Design, ISLPED ’99, pp. 218–222. ACM, New York (1999). http://doi.acm.org/10.1145/313817.313930
Buchmüler, H.U.: Security Target M7820 A11 and M11, August 2012. http://www.commoncriteriaportal.org/files/epfiles/0829b_pdf.pdf. Accessed 16 Jan 2014
Common Criteria for Information Technology Security Evaluation, Part 3: Security assurance components (2012). https://www.niap-ccevs.org/Documents_and_Guidance/cc_docs.cfm. Accessed 25 Aug 2013
Helfmeier, C., Nedospasov, D., Tarnovsky, C., Krissler, J., Boit, C., Seifert, J.P.: Breaking and entering through the silicon. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, CCS ’13, pp. 733–744. ACM, New York (2013). http://doi.acm.org/10.1145/2508859.2516717
Kömmerling, O., Kuhn, M.G.: Design principles for tamper-resistant smartcard processors. In: Proceedings of the USENIX Workshop on Smartcard Technology on USENIX Workshop on Smartcard Technology, WOST’99, p. 2. USENIX Association, Berkeley (1999). http://dl.acm.org/citation.cfm?id=1267115.1267117
Krämer, J., Nedospasov, D., Schlösser, A., Seifert, J.-P.: Differential photonic emission analysis. In: Prouff, E. (ed.) COSADE 2013. LNCS, vol. 7864, pp. 1–16. Springer, Heidelberg (2013)
Ling, M., Wu, L., Li, X., Zhang, X., Hou, J., Wang, Y.: Design of monitor and protect circuits against FIB attack on chip security. In: 2012 Eighth International Conference on Computational Intelligence and Security (CIS), pp. 530–533 (2012)
Maier, P., Nohl, K.: Low-Cost Chip Microprobing. 29th Chaos Communication Congress (29C3), November 2012. http://events.ccc.de/congress/2012/Fahrplan/attachments/2247_29C3-Dexter_Nohl-Low_Cost_Chip_Microprobing.pdf. Accessed 16 Jan 2014
Manich, S., Wamser, M.S., Sigl, G.: Detection of probing attempts in secure ICs. In: Hardware-Oriented Security and Trust (HOST), pp. 134–139 (2012)
Picoprobe Model 18C & Picoprobe Model 19C. Datasheet. http://www.ggb.com/PdfIndex_files/mod18c.pdf. Accessed 16 Jan 2014
Sakurai, T., Newton, A.R.: Alpha-power law MOSFET model and its applications to CMOS inverter delay and other formulas. IEEE J. Solid-State Circuits 25(2), 584–594 (1990)
Tarnovsky, C.: Deconstructing a ‘Secure’ Processor. Blackhat DC (2012)
Acknowledgements
This work was partly funded by the Spanish research program TEC2010-18384 as well as by the German Federal Ministry of Education and Research (BMBF) in the project SIBASE through grant number 01S13020A.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Weiner, M., Manich, S., Sigl, G. (2014). A Low Area Probing Detector for Power Efficient Security ICs. In: Saxena, N., Sadeghi, AR. (eds) Radio Frequency Identification: Security and Privacy Issues. RFIDSec 2015. Lecture Notes in Computer Science(), vol 8651. Springer, Cham. https://doi.org/10.1007/978-3-319-13066-8_12
Download citation
DOI: https://doi.org/10.1007/978-3-319-13066-8_12
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-13065-1
Online ISBN: 978-3-319-13066-8
eBook Packages: Computer ScienceComputer Science (R0)