The security of modern electronic devices relies on secret keys stored on secure hardware. Extracting those keys using physical attacks (e.g., side-channel analysis) would break the security of the entire system. While several countermeasures have been integrated into modern Integrated Circuits (ICs) to mitigate such threats, a proper protection scheme against a powerful class of physical attacks, namely optical side-channel attacks conducted from the IC backside, is still missing. One of the primary reasons for the lack of backside protection is a handful of common misconceptions about the hardness of mounting such attacks. In other words, it is commonly believed that chip preparation, reverse engineering, and secret key localization on the very latest nanoscale technologies using optical techniques are onerous tasks. In this talk, we assess the attack effort against various commercial devices in different real-world scenarios, where the adversary has no knowledge of underlying hardware implementation. We demonstrate how the adversary is able to extract the secrets from the target device in a short amount of time, with a limited budget. As a result, we conclude that the security of cryptographic implementations should never rely on the complexity of physical attacks.
Dr. Shahin Tajik is an Assistant Professor at Worcester Polytechnic Institute (WPI). Before joining WPI, Dr. Tajik was an Assistant Research Professor at the Florida Institute for Cybersecurity (FICS) Research at the University of Florida. He received his Ph.D. degree in Electrical Engineering in 2017 from the working group SECT, a collaboration of the Technical University of Berlin and Deutsche Telekom Innovation Laboratories in Germany. His research mainly includes physical security evaluation of embedded systems using integrated circuit (IC) failure analysis techniques. His ACM CCS'17 paper with the title "On the Power of Optical Contactless Probing: Attacking Bitstream Encryption of FPGAs" was awarded the 1st place in the Applied Research Competition of European Cyber Security Awareness Week (CSAW) in 2017. More recently, his research "SPARTA: Laser Probing Approach for Trojan Detection" won the best Hardware Demo Awards of IEEE International Symposium on Hardware Oriented Security and Trust (HOST) 2020.