Comments

Herb WarrenAugust 14, 2019 1:09 PM

“The correct method would be to go the government rather than to go to a group of hobbyists or hackers or whatever you want to call them.”
Right, because keeping vulnerabilities secret makes always helps to improve security...

Clive RobinsonAugust 14, 2019 2:38 PM

@ All,

Side channels are an issue for three basic reasons,

1, They tend to be covert, thus easy to miss during testing.

2, They tend to be very difficult to design out of a system, especially consumer products.

3, Unless the design engineers both hardware and software have a lot of experience in this area their solutions will tend to be expensive.

However a fundemental reason why they exist is "bandwidth" the more of it you have the easier it is to find ways to build and hide covert channels, over and above those that arise due to inapropriate design. One especially bad design choice for side channels is "efficiency" primarily designing for minimum time or fastest response.

As I've noted in the past there os the rule of thumb of "Security-v-Efficiency" in general the more efficient you make something the less secure it is.

We have power supply units that are well up in the 90% range, in part they do this in two ways. The first is to have a very low impedence high voltage source, the second is to very rapidly switch this into an energy storage component such as a capacitor or inductor with as little "Effective Series Resistance" as possible (parallel resistance can be mathmatically transformed into an equivalent series resistance).

Thus you have very high speed thus wide bandwidth pulses that are directly related to load. Such signals due to the low source impedence are easily seen as proportional to power consumption by the load circuit. Which is why the press of a key on a keyboard shows up on the power supply lines. That is the press of any key causes an interrupt which then causes the keyboard to be scanned in the X and Y directions. To try and improve efficiency many keyboard scan algorithms stop at first active wire detection in both the X and Y wires.

Thus when the Interupt occures the microcontroler wakes up or switches into interupt mode which generates the equivalent of a stat signal. It then scans for a pressed wire, which means that there is a time delay dependent on which key is pressed. Thus there is a visable power signiture related to which key is pressed. Other "regular functions" generate their own specific power signiture. In general the more efficient the power supply the clearer these signals are. Worse perhaps is the output of High Level Language Compilers, each standard library function will in effect have it's own power signature. Thus it is possible to "reverse engineer" code via the effect the compiled functions have on the power supply, it was something I was doing back in the 1980's and I gather that back when "old iron mainframes" running "batch jobs" had CPU cycle times below 0.5MHz "operators" would leave a Mediumwave AM radio tuned to an appropriate frequency and listen to the code executing and know roughly what it was doing by the type of noise.

Unfortunately many people designing electronic hardware these days are not realy engineers, and nor for the most part do they need to be. Component manufacturers provide "suggested circuits" that can with fairly minimal electronics knowledge be bolted together into a system. It is after all what we are seeing with IoT devices from "no name" design houses getting things built in China. Mostly these people find that their circuits function as desired but often have Electromagnetic Compatability (EMC) issues. Few of them realise that those signals causing EMC fails are "side channels" carrying away into the EM Spectrum for all to hear the secrets from within their "knock-together" designs.

One sure way to tell the design engineers are not realy engineers with any kind of security knowledge, is when they solve their EMC issues by use of "jittering / whitening" the main system clock. Whilst it might get the averaged signal inside the EMC Mask, it actually decreases system security. Because what it does is turn the the "side channel signals" into "Spread Spectrum" signals, which actually make life easier for an EM Spectrum eavesdropper...

I could go on but there are way to many people designing "security electronics" that realy realy should not be doing so...

Likewise those who write the "firmware" or "application" that runs on some OS they bought in that likrwise was not even remotely designed for security on the Power and EM domains...

Unfortunatly "security locks" especially battery powered electronic locks realy are a "snake oil peddling" paradise... You would have thought people who's job is security would have "wised up by now" but apparently not.

cyanogen readyAugust 14, 2019 10:54 PM

FWIW, Dave L. Jones did an eeVblog episode EEVblog #762 – How Secure Are Electronic Safe Locks? to test side channels on a consumer grade safe. Didn't find any useful correlations to power demand.

He did end up drilling the safe when a wire was accidentally disconnected before it was locked...

He also tells about being on the "no electronic purchase" list (like a no-fly only for hobbyists). He's an Australian; "Dave L. Jones" seems to refer to an American, and now Mr. Jones of Sidney is on a first name basis with Digikey Customer Service because he has to call them to get each order he places released to fulfillment. (You know how things propagate across all the 5-eyes...)

At least his story with a somewhat better ending than than people stuck on the no-fly list.

MrCAugust 15, 2019 12:50 AM

@ Clive:
OK, so that's the wrong way; now please tell us the right way. Shielding? Dummy loads?

lurkerAugust 15, 2019 1:29 AM

These locks seem to be a cut above those on a glossy flyer that fell out of my newspaper during this week: aimed at the upcoming Fathers' day, "smart deadlock kit with Bluetooth"… P'raps they meant Maxwell Smart

JonAugust 15, 2019 1:33 AM

@MrC

The first way I would think of is have the MCU do a lot of spurious calculation (eg. multiply the outputs of two fast asynchronous timers), but that, like most of them, involves a loss of efficiency.

One really silly hacking technique from awhile ago was when large systems would test password entry 'character-by-character', and the difference in processing speed (between a correct character and an incorrect one) was VERY noticeable. Nowadays (I hope!) they wait for the whole password to be entered and test it all at once.

Same thing as Clive Robinson pointed out - ending your keypad scan when you reach a match with the desired number will show up quite loudly on power consumption. Like a password, scan the whole keypad and don't stop when you get a match. Again, 's slower, and costs more battery power. Think people will pay for that (some might. Maybe.)?

As is true of engineering, nothing's perfect. The best way is probably just swamp the 'signal' with noise*.

Jon

* NB. You need good random noise for this too. Another cost.

WaelAugust 15, 2019 2:40 AM

@Clive Robinson,

One especially bad design choice for side channels is "efficiency" primarily designing for minimum time or fastest response.

Just do things in constant time. The protection methods are well-known, since long ago. For the power consumption (DPA, perhaps,) just make sure the algorithm is well designed for side-channel attack resistance. This is actually done in many SoCs.

(parallel resistance can be mathmatically transformed into an equivalent series resistance).

I guess you're referring to the Thevenin and Norton resistance. You'll also need to change the voltage source to a current source or vice-versa.

Thevenin equivalent circuit: Ideal voltage source with a series resistance; Norton equivalent circuit: Ideal current source with a shunt (or parallel) resistor. I know you know that, but perhaps better to clarify for those who're not good in chemistry ;)

Clive RobinsonAugust 15, 2019 9:25 AM

@ MrC,

OK, so that's the wrong way; now please tell us the right way.

There is a short way and a long involved way...

The short way is leverage the long involved work done by others over half a decade or more.

That is consider a system built around somebody elses work that has been tested and certificated as being at an appropriate level of physical and electrical security. A contempory view would be building a system around a Hardware Security Module (HSM) and you will see these pop up in a lot of large scale systems dealing with crypto key certificates and actually doing encryption and decryption.

Well HSM's come in all shapes and sizes such as purpose built security vaults containg racks of server equipment in locked RF cages with specialized screaning and power supplies, down through those single chip devices such as those groovy chips with built in micro shaped charges to blow a bolt of metal plasma through the chip when the anti tamper circuit is triggered. That said such systems are expensive or virtually impossible to source or both...

But back in the 1990's the French in particular were pushing "electronic wallets" and the like and this needed the electronics to be small self contained and communicate with larger systems like ePos terminals. The solution was "Smart Chip Cards" which we now see a quater of a century later in our Bank Cards (Chip-n-Pin) and our mobile phones (Subscriber Identity Modules or SIMs).

The problem with these Smart Chips were that they had lots and lots of information leaking side channels. Well over a period of over half a decade they eliminated a lot of these side channels and mitigated others. Thus most of the security work has been done for you with such chips. More importantly so many of them are used the smart card and it's holder are probably cheaper than the microcontroler chip you would use to interface the I/O to it.

Importantly many of these chips are certified against various attacks as well as being programable via the likes of Java.

If I was designing a modern electronic lock it's probably where I would start, especially as the chips are quite well electrically protected against high voltages and the like.

I would then take care to ensure that the I/O microcontroler did not leak information. As has been noted above "constant time" algorithms help, but you also need to ensure that they are "constant power" as well. The 8051 microcontroler had "constant time instructions" but they were most certainly not "constant power". However with a little thought on what you are doing at the assembler level of software you can usually come up with a way to make tests effectively constant power, one such is to take an inpit and split it into two streams one that does "positive logic" testing the other that dors "negative logic" testing. You interleave these together in such a way that getting the required result gives constant power.

But whilst that stops "power based side channels" there are also "time based side channels". Whilst "constant time" deals with some of them it does not get them all. Which is why you should always "Clock the inputs and clock the ouputs" this stops further time based channels based on "system transparency" and "jitter". You should also "Fail hard and long on error" that is don't try to "error correct" individual parts, just gail the lot and go back to the start state after delaying a random but long time period. Further if you get even marginally high error rates you should kill the system for a very long period of time. Whilst that does not stop any time based side channels, it does bring the channel bandwidth to very small bandwidths such as maybe a bit or two per day.

Oh and when it comes to power side channels, don't bother trying to "randomize" your way out of it for a whole variety of reasons it realy does not work. Worse in some cases it makes an attackers job easier.

Steven ClarkAugust 15, 2019 11:23 AM

On many electronic locks the real side-channel is the backup mechanical lock used in case the power goes out or the batteries die. In many cases this is a barrel lock which are so trivial to impression you used to be able to do it with a Bic pen and a lighter until they started changing the diameter to no longer match.

POLARAugust 16, 2019 12:21 AM

Smart locks are just plain terrible. Not "terrible" in the common security sense, terrible as in "you can pick them with a regular screwdriver and zero skills"

MrCAugust 16, 2019 1:22 AM

Thank you Clive. If you're feeling bored someday, I'd be happy to hear a history of how Smart Chips dealt with various side channels.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Sidebar photo of Bruce Schneier by Joe MacInnis.