How microprobing can attack encrypted memory
View / Open Files
Authors
Publication Date
2017-09-28Conference Name
Euromicro Conference on Digital System Design
Publisher
IEEE Computer Society
Number
INSPEC Accession Number: 17209552
Type
Conference Object
This Version
AM
Metadata
Show full item recordCitation
Skorobogatov, S. (2017). How microprobing can attack encrypted memory. Euromicro Conference on Digital System Design. (INSPEC Accession Number: 17209552)https://doi.org/10.1109/DSD.2017.69
Abstract
This paper exposes some weaknesses of encrypted
embedded memory in secure chips. Smartcards and secure
microcontrollers are designed to protect confidential internal
information. For that they widely employ on-chip memory
encryption. Usually both data and address buses are encrypted
to prevent microprobing attacks. This paper shows how
practical such attacks can be on real chips and whether
memory encryption is as good as it is supposed to be. It was
possible to extract the whole memory from a secure 8-bit
microcontroller with as little as 8 probing needles. This paper
questions the usual belief in that ion-doping-encoded and
encrypted Mask ROM is ultimately secure. Implications for
16-bit and 32-bit microcontrollers are discussed as well. Some
common weaknesses are exposed and possible
countermeasures are discussed.
Keywords
microprobing attacks, glitching attacks, memory encryption, ROM, EEPROM and Flash memory
Identifiers
External DOI: https://doi.org/10.1109/DSD.2017.69
This record's URL: https://www.repository.cam.ac.uk/handle/1810/288247
Rights
Licence:
http://www.rioxx.net/licenses/all-rights-reserved