Attestation Waves: Platform Trust via Remote Power Analysis

AI-generated keywords: Attestation ADC TEE MT ERC

AI-generated Key Points

  • The paper explores using side-channel information captured by an ADC in the same SoC as the PS to perform attestation.
  • Voltage fluctuations at the input terminal can be used to characterize and distinguish certain operations from other binaries.
  • This approach eliminates the need for physical proximity required by other methods that use external setups to capture electromagnetic emanation.
  • The attestation protocol involves three phases: Setup Phase, Trusted Launch Phase, and Computations Phase.
  • During the Setup Phase, each entity receives a public/private key pair.
  • In the Trusted Launch Phase, Verifier V launches a TEE on an untrusted platform with the help of a publicly known setup function Fs.
  • In the Computations Phase, P executes applications chosen by V while measuring power consumption through ADCs and sending traces to V for verification against templates stored in Measurements Tray (MT), an independent cloud component responsible for storing templates and comparing them with traces received by V.
  • The research was funded by various organizations such as ERC, ASCLEPIOS project under EU research project No. 826093, Cybersecurity Research Award granted by TII, i-LINK+ 2019 “Advancing in cybersecurity technologies” Ref.LINKA20216 supported by CSIC's Andalusia ESF Operational Programme 2014-2020 and HPY Research Foundation.
  • This is proof-of-concept work with open limitations: true positive rates need to be improved and substitution attacks need to be addressed.

Authors: Ignacio M. Delgado-Lozano, Macarena C. Martínez-Rodríguez, Alexandros Bakas, Billy Bob Brumley, Antonis Michalas

20th International Conference on Cryptology and Network Security (CANS 2021)
License: CC BY 4.0

Abstract: Attestation is a strong tool to verify the integrity of an untrusted system. However, in recent years, different attacks have appeared that are able to mislead the attestation process with treacherous practices such as memory copy, proxy, and rootkit attacks, just to name a few. A successful attack leads to systems that are considered trusted by a verifier system, while the prover has bypassed the challenge. To mitigate these attacks against attestation methods and protocols, some proposals have considered the use of side-channel information that can be measured externally, as is the case with electromagnetic (EM) emanation. Nonetheless, these methods require the physical proximity of an external setup to capture the EM radiation. In this paper, we present the possibility of performing attestation by using the side-channel information captured by a sensor or peripheral that lives in the same System-on-Chip (SoC) as the processor system (PS) which executes the operation that we aim to attest, by only sharing the Power Distribution Network (PDN). In our case, an analog-to-digital converter (ADC) that captures the voltage fluctuations at its input terminal while a certain operation is taking place is suitable to characterize itself and to distinguish it from other binaries. The resultant power traces are enough to clearly identify a given operation without the requirement of physical proximity.

Submitted to arXiv on 06 May. 2021

Results of the summarizing process for the arXiv paper: 2105.02435v2

This paper explores the possibility of using side-channel information captured by an analog-to-digital converter (ADC) within the same System-on-Chip (SoC) as the processor system (PS) to perform attestation. The authors propose capturing voltage fluctuations at the ADC's input terminal while a certain operation is taking place, which can be used to characterize that operation and distinguish it from other binaries. This approach eliminates the requirement for physical proximity, which is necessary for other methods that use external setups to capture electromagnetic emanation.

The attestation protocol involves three phases: Setup Phase, Trusted Launch Phase, and Computations Phase. During the Setup Phase, each entity receives a public/private key pair. In the Trusted Launch Phase, Verifier V launches a Trusted Execution Environment (TEE) on an untrusted platform with the help of a publicly known setup function Fs. Finally, in the Computations Phase, P executes applications chosen by V while measuring power consumption through ADCs and sending traces to V for verification against templates stored in Measurements Tray (MT), an independent cloud component responsible for storing templates and comparing them with traces received by V.

This research was funded by various organizations such as European Research Council (ERC), ASCLEPIOS project under EU research project No. 826093, Cybersecurity Research Award granted by Technology Innovation Institute (TII), i-LINK+ 2019 “Advancing in cybersecurity technologies” Ref.LINKA20216 supported by CSIC's Andalusia ESF Operational Programme 2014-2020 and HPY Research Foundation. However, this proof-of-concept work has limitations that need to be addressed in future studies: true positive rates need to be improved and substitution attacks need to be addressed.
Created on 06 May. 2023
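
The trace-against-template check of the Computations Phase, as an added example that is not code from the paper or from this page. The summary does not say how MT compares traces, so the metric (Pearson correlation over a few sample offsets), the 0.8 threshold, the averaged template, the `MeasurementsTray` class and the synthetic sinusoidal traces are all assumptions made for illustration.

```python
import math
import random

N = 256                    # samples per template (constructed value)
APP_A = (3, 7, 19)         # constructed spectral signature of the attested app
OTHER = (5, 11, 23)        # constructed signature of a different binary

def synthetic_trace(freqs, length=N, offset=0, noise=0.3, seed=0):
    """Constructed stand-in for an ADC capture: sinusoids plus Gaussian noise."""
    rng = random.Random(seed)
    return [sum(math.sin(2 * math.pi * f * (i - offset) / N) for f in freqs)
            + rng.gauss(0, noise) for i in range(length)]

def pearson(a, b):
    """Pearson correlation of two equal-length sample sequences."""
    ma, mb = sum(a) / len(a), sum(b) / len(b)
    cov = sum((x - ma) * (y - mb) for x, y in zip(a, b))
    va = sum((x - ma) ** 2 for x in a)
    vb = sum((y - mb) ** 2 for y in b)
    return cov / math.sqrt(va * vb) if va and vb else 0.0

class MeasurementsTray:
    """Hypothetical MT: one template per application, threshold comparison."""
    def __init__(self, threshold=0.8, max_shift=8):   # assumed parameters
        self.templates, self.threshold, self.max_shift = {}, threshold, max_shift

    def enroll(self, app, traces):
        # Template = point-wise mean of several reference captures.
        self.templates[app] = [sum(col) / len(traces) for col in zip(*traces)]

    def verify(self, app, trace):
        """Return (accepted, best score) for a trace claimed to come from app."""
        tpl = self.templates.get(app)
        if tpl is None or len(trace) < len(tpl):
            return False, -1.0      # unknown app or truncated trace: reject
        # Capture is not aligned to the operation start: best score over offsets.
        shifts = range(min(self.max_shift, len(trace) - len(tpl)) + 1)
        score = max(pearson(trace[s:s + len(tpl)], tpl) for s in shifts)
        return score >= self.threshold, score

def demo():
    mt = MeasurementsTray()
    mt.enroll("app_a", [synthetic_trace(APP_A, seed=s) for s in range(1, 11)])
    genuine = synthetic_trace(APP_A, length=N + 8, offset=5, seed=99)
    other_bin = synthetic_trace(OTHER, length=N + 8, offset=5, seed=99)
    return mt.verify("app_a", genuine), mt.verify("app_a", other_bin)

if __name__ == "__main__":
    print(demo())
```

With real captures the threshold has to be calibrated on measured traces, since it sets the trade-off behind the true positive rate the summary lists as a limitation.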
