Stronger Smart Device Security to Effectively Protect Against Powerful Hacker Attacks


MIT researchers showed that analog-to-digital converters in smart devices are vulnerable to power and electromagnetic side-channel attacks, which hackers use to "eavesdrop" on devices and collect sensitive information. They devised two security solutions that successfully and efficiently defend against both types of attack. Photographer: MIT News


Engineers present two security solutions for protecting analog-to-digital converters against powerful attacks aimed at stealing user data.

Researchers are racing against hackers to create stronger safeguards that protect data from malicious agents who would steal information by eavesdropping on smart devices.

Much of the work to prevent these "side-channel attacks" has focused on the vulnerability of digital processors. For example, hackers can measure the electric current drawn by a smartwatch's CPU and use it to reconstruct confidential data being processed, such as a password.

MIT researchers recently published a paper in the IEEE Journal of Solid-State Circuits demonstrating that analog-to-digital converters in smart devices are vulnerable to power side-channel attacks. These converters encode real-world signals from sensors into digital values that can be processed computationally. A hacker might monitor the analog-to-digital converter's power supply current and apply machine learning methods to precisely recreate output data.

In two recent research papers, engineers show that analog-to-digital converters are also vulnerable to a stealthier form of side-channel attack, and describe ways of effectively blocking both attacks. Their approaches are more effective and less expensive than conventional security measures.

According to Hae-Seung Lee, the Advanced Television and Signal Processing Professor of Electrical Engineering, director of the Microsystems Technology Laboratories, and senior author of the most recent research paper, minimizing power consumption and cost are critical factors for portable smart devices.

"It's always a cat and mouse game with side-channel strikes. If we hadn't done the study, the hackers would have most likely developed these technologies and utilized them to target analog-to-digital converters, so we are preventing the hackers from acting," he says.

First-author and graduate student Ruicong Chen, graduate student Hanrui Wang, and Anantha Chandrakasan, dean of the MIT School of Engineering and the Vannevar Bush Professor of Electrical Engineering and Computer Science, all contributed to the research. The findings will be discussed at the IEEE Symposium on VLSI Circuits. A similar article was recently presented at the IEEE Custom Integrated Circuits Conference by first-author and graduate student Maitreyi Ashok; Edlyn Levine, previously at MITRE and currently chief science officer at America's Frontier Fund; and senior author Chandrakasan.

The paper's authors include main author Taehoon Jeong, who was a graduate student at MIT and is now with Apple, Inc.; Chandrakasan; and Lee, a senior author.

A non-invasive attack

To conduct a power side-channel attack, a malicious agent typically solders a resistor onto the device's circuit board to measure its power use. An electromagnetic side-channel attack, on the other hand, is noninvasive; the agent uses an electromagnetic probe capable of monitoring electric current without touching the device.

The researchers demonstrated that an electromagnetic side-channel attack on an analog-to-digital converter was just as successful as a power side-channel attack, even when the probe was held 1 centimeter away from the device. This exploit might be used by a hacker to obtain confidential data from an implanted medical device.

To counteract these threats, the researchers randomized the ADC conversion procedure.

An ADC transforms an unknown input voltage, such as that from a biometric sensor, to a digital value. To do this, a typical form of ADC places a threshold in the center of its voltage range and compares the input voltage to the threshold using a circuit known as a comparator. If the comparator determines that the input is greater, the ADC sets a new threshold in the upper half of the range and restarts the comparison.

This process is repeated until the unknown range is narrow enough that a digital value can be assigned to the input.

The ADC commonly sets thresholds by switching capacitors, which draw different amounts of electric current when they switch. An attacker can monitor the power supply and use the measurements to train a machine-learning model that reconstructs output data with startling precision.

Making the procedure random

To avoid this, Ashok and her colleagues used a random number generator to determine when each capacitor switches on and off. This randomization makes it far more difficult for an attacker to correlate power supply measurements with output data. Their method also keeps the comparator running continuously, making it impossible for an attacker to determine when each stage of the conversion began and concluded.

"The aim is to divide what would ordinarily be a binary search procedure into smaller parts, making it harder to tell where you are in the binary search process. By inserting some randomness into the conversion, the leakage is independent of the individual processes," explains Ashok.

Chen and his colleagues created an ADC that randomizes the starting point of the conversion process. This approach uses two comparators and an algorithm to randomly create two thresholds instead of one, resulting in millions of different ADC outputs. As a result, an attacker would have a difficult time correlating a power supply waveform to a digital output.

Using two thresholds and splitting the chip in half not only allows for different beginning positions, but it also removes any speed disadvantage, allowing it to run almost as quickly as a conventional ADC.

Both approaches are resistant to power and electromagnetic side-channel attacks without degrading ADC performance. Ashok's technique required just 14% extra chip area, whilst Chen's required no additional space. Both consume far less power than comparable secure ADCs.
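A toy simulation of the timing randomization described above, added here as an illustration and not the researchers' circuit or code: an 8-bit binary-search ADC whose per-step supply draw depends on the comparator decision, read once under a fixed schedule and once with the conversion steps placed in randomly chosen time slots among dummy activity. The leakage model (one charge event for an accepted trial, two for a rejected one), the 16-slot schedule and all function names are assumptions made for this example.

```python
import random

N_BITS = 8  # resolution of the toy converter

def sar_convert(vin, vref=1.0):
    """Binary-search (SAR) conversion. Returns (code, leakage per step)."""
    lo, hi, code, leak = 0.0, vref, 0, []
    for _ in range(N_BITS):
        mid = (lo + hi) / 2            # threshold at the centre of the remaining range
        bit = 1 if vin >= mid else 0   # comparator decision
        code = (code << 1) | bit
        lo, hi = (mid, hi) if bit else (lo, mid)
        # Assumed leakage model: a rejected trial (bit 0) switches the
        # capacitor back, so it draws two charge events instead of one.
        leak.append(1.0 if bit else 2.0)
    return code, leak

def fixed_trace(leak, rng):
    """Conventional schedule: step i always lands in time slot i."""
    return list(leak)

def randomized_trace(leak, rng, slots=2 * N_BITS):
    """Real steps land in RNG-chosen slots; the rest carry dummy activity."""
    real = sorted(rng.sample(range(slots), len(leak)))
    trace = [rng.choice((1.0, 2.0)) for _ in range(slots)]
    for slot, sample in zip(real, leak):
        trace[slot] = sample
    return trace

def read_by_position(trace):
    """Evaluation probe: treat slot i as bit i, as a fixed schedule allows."""
    code = 0
    for sample in trace[:N_BITS]:
        code = (code << 1) | (1 if sample < 1.5 else 0)
    return code

def recovery_rate(make_trace, trials=2000, seed=1):
    """Fraction of conversions whose output code is readable from the trace."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        code, leak = sar_convert(rng.random())
        hits += read_by_position(make_trace(leak, rng)) == code
    return hits / trials

if __name__ == "__main__":
    print("fixed schedule:     ", recovery_rate(fixed_trace))
    print("randomized schedule:", recovery_rate(randomized_trace))
```

A reader that assumes slot i holds bit i is the simplest possible probe; the attacks the article describes apply machine-learning models to measured waveforms, which this toy does not represent.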

Each approach is designed for a certain use. The method Ashok devised is simple, making it ideal for low-power applications such as smart devices. Chen's more complicated method is intended for high-speed applications such as video processing.

"For the previous half-century of ADC development, individuals have concentrated on enhancing the circuit's power, performance, or area. We've demonstrated that it's also critical to think about ADC security. We have additional aspects to consider for designers," Chen explains.

The researchers intend to apply these technologies to construct detection-driven devices now that they have demonstrated their usefulness. Protection in these chips would only activate when the device detects a side-channel attack, potentially increasing energy efficiency while retaining security.

"In order to construct secure low-power edge devices, every component of the system must be optimized. Secure analog and mixed-signal circuits are a relatively young and essential research area. Our study shows that it is feasible to infer data at the output of analog-to-digital converters with high accuracy by leveraging developments in machine learning and fine-grained measuring techniques," Chandrakasan adds. "It is feasible to develop power and EM side-channel secure circuits using optimized circuit approaches such as optimizing switching strategies, enabling fully secure devices. This will be crucial in applications requiring data privacy, such as health care."
