SoK: Remote Power Analysis

MacArena C. Martínez-Rodríguez; Ignacio M. Delgado-Lozano; Billy Bob Brumley

doi:10.1145/3465481.3465773

SoK: Remote Power Analysis

MacArena C. Martínez-Rodríguez
, Ignacio M. Delgado-Lozano
, Billy Bob Brumley

Computing Sciences

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Scientific › peer-review

8 Citations (Scopus)

17 Downloads (Pure)

Abstract

In recent years, numerous attacks have appeared that aim to steal secret information from their victim using the power side-channel vector, yet without direct physical access. These attacks are called Remote Power Attacks or Remote Power Analysis, utilizing resources that are natively present inside the victim environment. However, there is no unified definition about the limitations that a power attack requires to be defined as remote. This paper aims to propose a unified definition and concrete threat models to clearly differentiate remote power attacks from non-remote ones. Additionally, we collect the main remote power attacks performed so far from the literature, and the principal proposed countermeasures to avoid them. The search of such countermeasures denoted a clear gap in preventing remote power attacks at the technical level. Thus, the academic community must face an important challenge to avoid this emerging threat, given the clear room for improvement that should be addressed in terms of defense and security of devices that work with private information.

Original language	English
Title of host publication	16th International Conference on Availability, Reliability and Security, ARES 2021
Publisher	ACM
Number of pages	12
ISBN (Electronic)	9781450390514
DOIs	https://doi.org/10.1145/3465481.3465773
Publication status	Published - 17 Aug 2021
Publication type	A4 Article in conference proceedings
Event	International Conference on Availability, Reliability and Security - Duration: 17 Aug 2021 → 20 Aug 2021

Publication series

Name	ACM International Conference Proceeding Series

Conference

Conference	International Conference on Availability, Reliability and Security
Period	17/08/21 → 20/08/21

Funding

Acknowledgments. (i) This project has received funding from the European Research Council (ERC) under the European Union’s Horizon 2020 research and innovation programme (grant agreement No 804476). (ii) Supported in part by the Cybersecurity Research Award granted by the Technology Innovation Institute (TII). (iii) Supported in part by CSIC’s i-LINK+ 2019 “Advancing in cybersecurity technologies” (Ref. LINKA20216). (iv) M. C. Martínez-Rodríguez holds a Post-doc fellowship supported by the Andalusian government with support from the PO. FSE of the European Union. (v) Ignacio M. Delgado-Lozano was financially supported in part by HPY Research Foundation.

Keywords

applied cryptography
countermeasures
hardware security
power analysis
remote power analysis
side-channel analysis

Publication forum classification

Publication forum level 1

ASJC Scopus subject areas

Human-Computer Interaction
Computer Networks and Communications
Computer Vision and Pattern Recognition
Software

Access to Document

10.1145/3465481.3465773

2021-015
This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Accepted author manuscript, 553 KBLicence: Unspecified

https://urn.fi/URN:NBN:fi:tuni-202210257814Licence: Unspecified

Cite this

@inproceedings{68b3109db10f4632b3f32a26bb34f291,

title = "SoK: Remote Power Analysis",

abstract = "In recent years, numerous attacks have appeared that aim to steal secret information from their victim using the power side-channel vector, yet without direct physical access. These attacks are called Remote Power Attacks or Remote Power Analysis, utilizing resources that are natively present inside the victim environment. However, there is no unified definition about the limitations that a power attack requires to be defined as remote. This paper aims to propose a unified definition and concrete threat models to clearly differentiate remote power attacks from non-remote ones. Additionally, we collect the main remote power attacks performed so far from the literature, and the principal proposed countermeasures to avoid them. The search of such countermeasures denoted a clear gap in preventing remote power attacks at the technical level. Thus, the academic community must face an important challenge to avoid this emerging threat, given the clear room for improvement that should be addressed in terms of defense and security of devices that work with private information.",

keywords = "applied cryptography, countermeasures, hardware security, power analysis, remote power analysis, side-channel analysis",

author = "Mart{\'i}nez-Rodr{\'i}guez, \{MacArena C.\} and Delgado-Lozano, \{Ignacio M.\} and Brumley, \{Billy Bob\}",

note = "Funding Information: Acknowledgments. (i) This project has received funding from the European Research Council (ERC) under the European Union{\textquoteright}s Horizon 2020 research and innovation programme (grant agreement No 804476). (ii) Supported in part by the Cybersecurity Research Award granted by the Technology Innovation Institute (TII). (iii) Supported in part by CSIC{\textquoteright}s i-LINK+ 2019 “Advancing in cybersecurity technologies” (Ref. LINKA20216). (iv) M. C. Mart{\'i}nez-Rodr{\'i}guez holds a Post-doc fellowship supported by the Andalusian government with support from the PO. FSE of the European Union. (v) Ignacio M. Delgado-Lozano was financially supported in part by HPY Research Foundation. Publisher Copyright: {\textcopyright} 2021 ACM.; International Conference on Availability, Reliability and Security ; Conference date: 17-08-2021 Through 20-08-2021",

year = "2021",

month = aug,

day = "17",

doi = "10.1145/3465481.3465773",

language = "English",

series = "ACM International Conference Proceeding Series",

publisher = "ACM",

booktitle = "16th International Conference on Availability, Reliability and Security, ARES 2021",

address = "United States",

}

SoK: Remote Power Analysis. / Martínez-Rodríguez, MacArena C.; Delgado-Lozano, Ignacio M.; Brumley, Billy Bob.
16th International Conference on Availability, Reliability and Security, ARES 2021. ACM, 2021. 7 (ACM International Conference Proceeding Series).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Scientific › peer-review

TY - GEN

T1 - SoK

T2 - International Conference on Availability, Reliability and Security

AU - Martínez-Rodríguez, MacArena C.

AU - Delgado-Lozano, Ignacio M.

AU - Brumley, Billy Bob

N1 - Funding Information: Acknowledgments. (i) This project has received funding from the European Research Council (ERC) under the European Union’s Horizon 2020 research and innovation programme (grant agreement No 804476). (ii) Supported in part by the Cybersecurity Research Award granted by the Technology Innovation Institute (TII). (iii) Supported in part by CSIC’s i-LINK+ 2019 “Advancing in cybersecurity technologies” (Ref. LINKA20216). (iv) M. C. Martínez-Rodríguez holds a Post-doc fellowship supported by the Andalusian government with support from the PO. FSE of the European Union. (v) Ignacio M. Delgado-Lozano was financially supported in part by HPY Research Foundation. Publisher Copyright: © 2021 ACM.

PY - 2021/8/17

Y1 - 2021/8/17

N2 - In recent years, numerous attacks have appeared that aim to steal secret information from their victim using the power side-channel vector, yet without direct physical access. These attacks are called Remote Power Attacks or Remote Power Analysis, utilizing resources that are natively present inside the victim environment. However, there is no unified definition about the limitations that a power attack requires to be defined as remote. This paper aims to propose a unified definition and concrete threat models to clearly differentiate remote power attacks from non-remote ones. Additionally, we collect the main remote power attacks performed so far from the literature, and the principal proposed countermeasures to avoid them. The search of such countermeasures denoted a clear gap in preventing remote power attacks at the technical level. Thus, the academic community must face an important challenge to avoid this emerging threat, given the clear room for improvement that should be addressed in terms of defense and security of devices that work with private information.

AB - In recent years, numerous attacks have appeared that aim to steal secret information from their victim using the power side-channel vector, yet without direct physical access. These attacks are called Remote Power Attacks or Remote Power Analysis, utilizing resources that are natively present inside the victim environment. However, there is no unified definition about the limitations that a power attack requires to be defined as remote. This paper aims to propose a unified definition and concrete threat models to clearly differentiate remote power attacks from non-remote ones. Additionally, we collect the main remote power attacks performed so far from the literature, and the principal proposed countermeasures to avoid them. The search of such countermeasures denoted a clear gap in preventing remote power attacks at the technical level. Thus, the academic community must face an important challenge to avoid this emerging threat, given the clear room for improvement that should be addressed in terms of defense and security of devices that work with private information.

KW - applied cryptography

KW - countermeasures

KW - hardware security

KW - power analysis

KW - remote power analysis

KW - side-channel analysis

U2 - 10.1145/3465481.3465773

DO - 10.1145/3465481.3465773

M3 - Conference contribution

AN - SCOPUS:85107827430

T3 - ACM International Conference Proceeding Series

BT - 16th International Conference on Availability, Reliability and Security, ARES 2021

PB - ACM

Y2 - 17 August 2021 through 20 August 2021

ER -

SoK: Remote Power Analysis

Abstract

Publication series

Conference

Funding

Keywords

Publication forum classification

ASJC Scopus subject areas

Access to Document

Fingerprint

Cite this