IoT Security – Killing the Problem at Its Source

This post is also available in: עברית (Hebrew)

In an internet-connected world where devices are networked, the security of embedded devices is essential, as they are more and more exposed to cyber threats. A new hardware technology is resilient to electromagnetic attacks to secure Internet of Things devices. Security is typically guaranteed mathematically using a small secret key to encrypt the private messages. 

When these computationally secure encryption algorithms are implemented on a physical hardware, they leak critical side-channel information in the form of power consumption or electromagnetic radiation. Now, Purdue University innovators have developed technology to kill the problem at the source itself – tackling physical-layer vulnerabilities with physical-layer solutions.

The team developed technology to use mixed-signal circuits to embed the crypto core within a signature attenuation hardware with lower-level metal routing, such that the critical signature is suppressed even before it reaches the higher-level metal layers and the supply pin. This drastically reduces electromagnetic and power information leakage.

Recent attacks have shown that such side-channel attacks can happen in just a few minutes from a short distance away. Recently, these attacks were used in the counterfeiting of e-cigarette batteries by stealing the secret encryption keys from authentic batteries to gain market share.

“This leakage is inevitable as it is created due to the accelerating and decelerating electrons, which are at the core of today’s digital circuits performing the encryption operations,” said Debayan Das, a Ph.D. student in Purdue’s College of Engineering. “Such attacks are becoming a significant threat to resource-constrained edge devices that use symmetric key encryption with a relatively static secret key like smart cards. Our technology has been shown to be 100 times more resilient to these attacks against Internet of Things devices than current solutions.” “Our protection mechanism is generic enough that it can be applied to any cryptographic engine to improve side-channel security,” he added, according to purdue.edu.