Blockchain Council

Overview

  • Side channel attacks are very difficult to detect.
  • Process of attacking an encryption system by looking at its physical affects on a computer system (e.g. power usage, processing time)
  • The best protection against side channel attacks are physical security, masking, noise injection, and constant time operations.
  • Recent critical vulnerabilities such as Meltdown and Spectre had a side channel exploitation vector.

What is a side channel attack?

A side-channel attack is a type of cybersecurity threat that targets a system’s implementation rather than exploiting vulnerabilities in its design or code. Instead of directly attacking the system’s main functions, a side-channel attack focuses on gathering information from indirect sources, such as the system’s physical characteristics or behavior.

Imagine a computer as a locked safe containing valuable information. In a traditional attack, a hacker might try to guess the combination or find a way to break the lock. However, in a side-channel attack, the hacker would try to find alternative ways to gain information about the contents of the safe without directly opening it. For example, the hacker might:

  • Listen to the sounds the safe makes when the combination is entered, hoping to identify the correct sequence of numbers.
  • Measure the time it takes for the safe to respond to different combinations, as the correct combination might have a slightly different response time.
  • Observe the power consumption of the safe’s electronic components, as the correct combination might cause a unique power usage pattern.

Similarly, in a computer system, a side-channel attack might involve:

  • Analyzing the time taken by the system to perform certain operations, as sensitive data might affect the processing time.
  • Measuring the power consumption of the system during different operations, as sensitive data might cause distinct power usage patterns.
  • Observing the system’s electromagnetic emissions or sound produced during various computations, as sensitive data might create unique patterns.

Defending Against these Attacks

Side channel attacks are notoriously difficult to defend against. First of all, they are difficult to detect since no actual indicators of compromise exist. The only way to protect against these attacks is to implement preventative measures. Listed below are measures that are taken to reduce the risk of side channel attacks:

  1. Noise injection: This technique involves adding random noise to the system’s operations to make it harder for an attacker to identify patterns or extract sensitive information. Imagine trying to eavesdrop on a conversation in a crowded room – the background noise makes it more difficult to hear the specific words being said. Similarly, by introducing noise into a computer system’s operations, it becomes more challenging for an attacker to distinguish between normal operations and those involving sensitive data.
  2. Constant-time operations: This approach ensures that the time taken to perform a specific operation remains constant, regardless of the input data. Think of it like a vending machine that always takes the same amount of time to dispense a snack, no matter which button you press. By designing algorithms and systems to have constant-time operations, an attacker cannot infer sensitive information based on the time taken to complete a task.
  3. Masking: Masking involves combining sensitive data with random values before processing it. It’s like mixing paint colors – if you add a random color to the original color, it becomes harder to guess what the original color was. By masking sensitive data, even if an attacker observes the system’s behavior, they cannot easily determine the original data.
  4. Physical security: Protecting the physical environment where the system is located is crucial. This includes measures like restricting access to the hardware, using shielded cables to prevent electromagnetic emissions, and ensuring that the system is not exposed to extreme temperatures or other environmental conditions that could affect its behavior.

Spectre Vulnerability as a Side Channel Attack

The Spectre vulnerabilities targets a performance enhancement function implemented by several types of Intel and IBM processors. This function looks ahead in program code and find true/false or math routines and executes them before the user or application requested execution. This is called speculative execution.

Computer systems utilize what is called protected memory. This is memory a user or application must request access to via the processor. A request to access protected memory takes a long time in the processing realm. This waiting time is the key execution of the Spectre vulnerability. Since speculative execution begins to process the look ahead program code, it stores the results in CPU cache while it waits for access permission to protected memory.

LEGO Brand Retail