CIOInsider India Magazine

Two Indian researchers at the Massachusetts Institute of Technology (MIT), Saurav Maji and Utsav Bannerjee, have developed a low-energy security chip that is designed to thwart side-channel attacks (SCAs) on IoT (Internet of Things) devices. Rather than targeting a program or software directly, SCAs take advantage of security flaws where information can be collected from the indirect consequences of the system hardware's operation.

How it Works
These attacks typically try to obtain sensitive information such as cryptographic keys, proprietary machine learning models, and parameters from a device by measuring things like timing information, power consumption, and electromagnetic leaks.

As an example, suppose you want to know if your neighbour has been watering their garden. You would try to keep track of your neighbour using typical assault methods to check if and when they are watering their garden plants.

However, if you used the logic of a SCA, you could figure out the same thing by looking at other auxiliary data like how well their plants are doing, how much water they use in the house, and whether they have the garden hose out. Rather than looking at the act itself, you use information from the act's execution to figure out what's going on.

Even though SCAs are challenging to implement on most modern systems, the increasing sophistication of machine learning algorithms, increased computing power of devices, and increasing sensitivity of measuring sensors are making SCAs a reality.

Under the guidance of Anantha Chandrakasan, the dean of the MIT School of Engineering and Vannevar Bush Professor of Electrical Engineering and Computer Science, Maji and Bannerjee published an attack paper titled "Leaky Nets: Recovering Embedded Neural Network Models and Inputs through Simple Power and Timing Side-Channels — Attacks and Defenses" in the IEEE Internet of Things Journal before developing the new security chip.

The efficacy of SCAs was proved in the research by recovering machine learning model parameters and even inputs from the operation of a commercial embedded microprocessor, similar to those seen in commercial IoT devices.

How it Helps
Although SCAs are difficult to detect and defend against, countermeasures have a reputation for requiring a lot of computer power and energy. The new chip architecture comes into play here.

The MIT researchers disclosed their concept in the International Solid State Circuits Conference 2022 paper "A Threshold-Implementation-Based Neural-Network Accelerator Securing Model Parameters and Inputs Against Power SCAs."

The paper's senior author is Chandrakasan, but it also includes Banerjee, an MIT graduate who is now an assistant professor at the Indian Institute of Science, and Sam Fuller, a visiting research scientist at MIT.

Maji and his partners developed a chip that is about the size of a thumbnail and consumes far less power than typical security measures against SCAs. It's designed to fit into smartwatches, iPads, and a range of other devices with ease.

“It can be used in any sensor nodes which connects user data. For example, it can be used in monitoring sensors in the oil and gas industry, it can be used in self-driving cars, in fingerprint matching devices and many other applications,” said Maji.

Near-threshold computing is a computing method in which the data to be worked on is separated into independent, unique, and random components before being processed. The chip then performs operations in a random order on each component before combining the results for a final result.

The information leaked from the device through power-consumption measures is random as a result of this strategy, and a SCA would disclose nothing but nonsense. However, this method is energy and computation-intensive, and it also necessitates greater system memory for data storage.

Maji and his colleagues discovered a technique to improve this procedure and cut down on some of the computational overheads. The researchers claim that their chip architecture has decreased the required computing overheads by three orders of magnitude.

However, putting this chip architecture into a system would necessitate a five-fold increase in energy consumption and 1.6 times the silicon area of an unsafe implementation. Furthermore, the architecture only defends against energy consumption-based SCAs, not electromagnetic SCAs.

Other Countermeasures
According to researchers from Microsoft Research and Indiana University, the rise of Web 2.0 applications and software-as-a-service has significantly increased the possibility of side-channel attacks on the web, even when transmissions between a web browser and server are encrypted (e.g., through HTTPS or WiFi encryption). Side-channel attacks rely on the relationship between information emitted (leaked) through a side channel and secret data, hence there are two types of countermeasures: eliminate or limit the dissemination of such information, and 2 break the link between the leaked data and the secret data.

Displays with particular shielding to reduce electromagnetic emissions and hence sensitivity to TEMPEST attacks are already commercially available in the first category. Power line conditioning and filtering can assist prevent power-monitoring attacks, but they should be utilized with caution because even minor correlations can remain and jeopardize security.

Another first-category countermeasure is to employ security analysis tools to identify specific types of side-channel attacks that can be discovered during the design stages of the underlying hardware. The most thorough technique of implementing this countermeasure is to establish a Secure Development Lifecycle for hardware, which incorporates the use of all available security analysis platforms at each level of the hardware development lifecycle.

Other partial solutions aim to limit the quantity of data released as a result of data-dependent power discrepancies. Some operations require a certain amount of power, which is proportional to the number of 1 bits in a secret value. Although exploitable correlations are likely to remain unless the balancing is flawless, adopting a constant-weight code (such as Fredkin gates or dual-rail encoding) can decrease the leaking of information about the Hamming weight of the secret value. By altering both the data and its counterpart together in software, this ‘balanced design’ can be approximated.