If you can physically access a device you can sometime use the likes of power usage to look at patterns that reveal much of what apparently hidden but the security features of the device. We have known for many years how computer memory can be gleaned even when using the strongest encryption such as the Advanced Encryption Standard (AES).
This was recently exemplified when it was discovered that some virtual machines could extract data via leakage from other virtual machines that share the same physical platform.
With the increasing use of Radio Frequency Identification (RFID) one concern has been that such chips could be subjected to these side channel attacks. as they are used to store increasing amounts of sensitive (particular personal) data such leakage is an obvious place for hackers to target. And of course, the rise of contactless payment systems has brought a whole new impetus to this form of attack.
To date most of the security measure have not addressed the hardware. They have looked at alternative methods of protecting the data on the chip. Typically they rely upon, for example, changing the private key regularly so that repeated execution of the encryption algorithm doesn't allow cryptanalytic attacks to be used.
The thing the attacks have in common is that they rely upon the fact that the card reader powers up the chip every time it is used. Hence, this power consumption can give indications of what is being placed in memory. In practice you have to go through this cycle thousands of times, and assuming there is not changing of the keys, in order to determine memory contents. It's non-trivial but has been demonstrated.
So, researchers at MIT have now come up with a chip design which they hope with make side channels attacks that require physical access, more difficult. It is intended to protect specifically against attacks that use power usage to determine memory content.
In essence, there are two new elements:
- A built-in power supply that is practically impossible to disrupt
- Some “nonvolatile” memory that will retain data when the power fades
Thus, now each time the card is used a small capacitor is charged on the chip to act as a power supply and it is that which is then used to run the chip. Likewise if the power is interrupted memory is maintained rather than having to be repopulated each time it is used.
In this way the classic side channel attack is simply defeated: the power fluctuations are no longer directly related to memory contents.
Texas Instruments have already built some prototypes and it seems they work. Don't be surprised if this technology starts to appear on a card near you in the not so distant future.