For <$200, hackers could have what they need to set your secrets free - don't let them!
DPA is possible due to electromagnetic radiation and fluctuations in power consumption are side effects of any electronic system. An adversary can exploit these natural phenomena to gain information on what a silicon device is doing at a point in time. Silicon Labs implements countermeasures that prevent or mitigate these threats.
How does an attack take place?
Implementing a DPA attack requires hands-on access to the device. In general terms, attackers implement inductive loops around points of interest and monitor the induced current of the loop and of the system power consumption.
Differential Power Analysis Exploits
Implementing a DPA attack requires hands-on access to the device. An attacker implements inductive loops around points of interest and monitors the induced current of the loop and system power consumption. Attackers collect power traces during a large sample of cryptographic operations and then perform mathematical signal analysis functions based on leakage modeling to regenerate security keys. With access to the keys, attackers can exploit an entire product line or fleet, often without physical access to the devices.
Silicon Labs Differential Power Analysis Countermeasure Technology
Silicon Labs has invested in DPA countermeasure technology to improve IoT device security. Techniques used in thwarting DPA attacks are complex, but are based upon basic principles:
- Data Masking – applying random masks to the internal computations performed by the silicon
- Timing – randomizing the timing of internal computations performed by silicon
Our Product Security Incident Response Team (PSIRT) is responsible for ensuring the vulnerabilities discovered in our products are mitigated and communicated responsibly. If you detect a security threat, let us know.