“There are still plenty of unsecured chips out there, vulnerable to several major types of hardware attack,” he explained. “These include side-channel attacks, which are techniques that allow attackers to monitor the analogue characteristics and interface connections and any electromagnetic radiation.”

According to Sword, differential power analysis (DPA) is a type of side-channel attack that measures the electrical power consumption or electromagnetic emissions from the device.

“From these measurements, attackers can derive cryptographic keys and private data,” he continued. “These keys allow attackers to easily gain unauthorized access to a device, decrypt or forge messages, steal identities, clone devices, create unauthorized signatures and perform additional unauthorized transactions.”

As Sword notes, Boeing recently licensed Rambus DPA Countermeasures to protect its aerospace and defense systems from security threats.

“Rambus is also working with smartphone manufacturers, [as the company’s] CryptoManager platform establishes a hardware-based root-of-trust, embedding a security core in the SoC itself,” he added. “Vendors can therefore securely provision unique keys for each chip during the silicon manufacturing and testing process.”

As we’ve previously discussed on Rambus Press, DPA countermeasures will allow Boeing to protect against security attacks that are used to reverse engineer or exploit critical technologies built into aircraft and other defense-related products. To be sure, the threat of DPA attacks is on the rise and defense companies require an extremely high level of hardware-based security to safeguard its customers’ high-value data.

Perhaps not surprisingly, concerns about DPA attacks originated in the smart card market, although such attacks have since spread into other segments, including aerospace and defense. Fortunately, government and military systems can be protected from cyber adversaries with a hardware-centric security approach, which helps prevent the threat of reverse engineering and exploitation.

To evaluate vulnerability and resistance to side-channel attacks, Rambus has also developed a DPA Workstation (DPAWS) platform for its customers and partners. Essentially, DPAWS analyzes hardware and software cryptographic implementations for vulnerabilities to power and electromagnetic side-channel attacks. Specifically, DPAWS enables users to quickly assess any vulnerability that an FPGA, ASIC, CPU or microcontroller may have to side-channel analysis.

In addition, DPAWS includes an integrated suite of hardware and data visualization software to aid in the identification and understanding of vulnerabilities in cryptographic chips.

Interested in learning more? You can check out our DPA Countermeasures product page here and our DPA Workstation product page here.

Episode 5, “3xpl0its.wmv,” which aired on July 22nd, 2015, also featured proximity card cloning. As Blue describes:

“In a cafe, Mr. Robot clones a Steel Mountain employee badge using a device in his backpack. This may have been something from Bishop Fox, whose Francis Brown presented research on badge cloning at Def Con 21 (‘Live Free or RFID Hard,’ 2013). Still, there are a number of devices that do this, and a Proxmark 3 would be Mr. Robot’s most likely tool choice here.”

According to Swati Khandelwal of Hacker News, skilled RFID hackers have “repeatedly” used various side channel attack methods to steal information and secret cryptographic keys. Of course, devices such as smartphones, tablets and laptops also contain cryptographic keys tasked with protecting payments, VPN/network connections and on-device flash memory.

While some mobile devices include basic countermeasures, many lack sufficient protection and can therefore be easily compromised. Indeed, even a simple radio is capable of gathering side-channel information by eavesdropping on frequencies emitted by mobile devices and cards.

Although the second season Mr. Robot storyline remains a closely guarded secret, one can’t help but wonder if additional side-channel attacks and hacks will make their way into the wildly popular show. It would also be interesting to see how the show runners may choose to portray various side-channel countermeasures, particularly if the authorities becomes more involved in trying to combat the fictional fsociety.

Indeed, as creator and showrunner Sam Esmail recently told The Hollywood Reporter, Evil Corp won’t remain the sole antagonists of fsociety. “Now we’re dealing with a much larger issue, and I think the law enforcement, in some way, will make a presence in season two, which I think is an interesting new group of characters to explore,” Esmail added.

Perhaps not surprisingly, a number of Robot hacks have actually occurred in reality, ranging from compromised PLC devices to malware-packed USB sticks dropped in parking lots to tempt unsuspecting victims.

“The show gets people on a certain wavelength when they realize oh, my webcam really can be used to spy on me,” Kor Adana, a writer for the hit series, told a cyber-security conference in January. “And maybe I shouldn’t just blindly accept a CD from a street peddler. [Robot] illustrates the very real risks for the average person. An increased level of paranoia is clearly a good thing in this landscape. It comes along with the territory, because we know how to exploit these vulnerabilities.”

“We show that co-location can be achieved and detected by monitoring the last level cache in public clouds,” the Worcester team explained in an article extract. “More significantly, we present a full-fledged attack that exploits subtle leakages to recover RSA decryption keys from a collocated instance.”

To be sure, the researchers targeted a recently patched Libgcrypt RSA implementation by mounting Cross-VM Prime and Probe cache attacks in combination with other tests to detect co-location in a cloud-based service. As a preparatory step, the team reversed engineered the unpublished nonlinear slice selection function for a leading server processor powering the cloud service, which significantly helped accelerate the attack.

After co-location was detected and verified, the researchers performed the Prime and Probe attack to recover noisy keys from a carefully monitored cloud service VM running the vulnerable libgcrypt library. The noisy data was subsequently processed, allowing the team to obtain the complete 2048-bit RSA key used during encryption.

This work, says the Worcester team, reaffirms privacy concerns and underlines the need for deploying stronger isolation techniques in public clouds. Chris Gori, a Technical Director at Rambus Cryptography Research concurred.

“Physical electronic systems routinely leak information about the internal process of computing. In practical terms, this means attackers can exploit various side-channel techniques to gather data and extract secret cryptographic keys,” Gori told Rambus Press. “This is true for enterprise servers and data centers, as well as mobile devices, PCs and SIM cards.”

As we’ve previously discussed, the Rambus Cryptography Research division has designed a range of DPA countermeasures that offer a combination of software, hardware and protocol techniques specifically designed to protect tamper-resistant devices from side-channel attacks. These include leak reduction, incorporating randomness, generating amplitude and temporal noise, as well as executing protocol-level countermeasures.

Interested in learning more about how Rambus is helping to secure SoCs, devices and content? You can read more about our DPA countermeasures here, CryptoFireWall Cores here and CryptoManager platform here.

“Over time, the software content grew and today it is generally accepted that software accounts for more product expense than hardware, takes longer and adds a significant, if not the majority, of the functionality,” writes Bailey. “Software has [now] become so important that hardware is often seen as the platform needed to optimally support the software.”

Bob Zeidman, president of Zeidman Consulting, expressed similar sentiments.

“Software functionality will determine hardware functionality instead of the other way around,” Zeidman told the publication. “You’ll design software and give performance constraints like cost, power consumption, memory size, and physical size, and the tool will build the hardware design to meet your constraints and run your software.”

Eliott Jones, Rambus VP of User Experience (UX) Eliott Jones, concurred.

“At the end of the day, the product administrators, technicians, and end users engage modern products at the software level. In effect, that experience IS the product to them. What began really with the introduction of the Macintosh way back, where the abstracted layer of the UI was ridiculed by ‘real developers’ has in today’s world of Cloud- and service-based applications become the norm,” he explained during a recent interview with Rambus Press in Sunnyvale. “Whereas traditional hardware survived by being rigidly defined in its function, modern hardware product designs are inherently more versatile, enabling and requiring much more active participation and adaptation to user operation. The outcome is that the software enables user operations to define much more of the total product offering.”

According to Jones, realizing the full potential of a hardware-centric solution is difficult without the inclusion of a well-defined software layer.

“This layer should be built around an intuitive UI that allows the user to easily interact with and act upon meaningful data,” he said. “Historically, most hardware-based products started from the ground up with an emphasis on pure engineering. However, industry expectations have steadily evolved over the years, with enterprise UX standards being set by consumer devices like smartphones and tablets.”

Usability, says Jones, is currently both a key requirement and differentiator.

“Because there is so much data to capture, understand and act upon in today’s world, creating a user experience that distills the data into what’s important at a glance is paramount. The structure and design of controls in software is critical to allow users to understand the meaning of information and to respond to it quickly,” he continued. “Think of it as the difference between a standard BIOS screen circa 1995 – keyboard arrows and all – and a Google Analytics dashboard in 2015. Clearly, software is now a primary, rather than tertiary concern. From my perspective, it would be difficult, if not impossible, to demonstrate a hardware-based platform to potential customers without a truly integrated software layer.”

As Jones points out, that is precisely why Rambus engineers have adopted holistic design cues from consumer-centric products when coding the software for the company’s CryptoManager and DPA Workstation (DPAWS) testing platform.

“As an example, both DPAWS and CryptoManager feature an intuitive UI that integrates advanced visualization capabilities. This helps increase the efficiency of side-channel analysis for the former, while optimizing the Security Engine and related Infrastructure for the latter,” he added.

“[The cards use] AES-128, which is supposed to be virtually unbeatable by a brute-force attack, but turns out to be easy to defeat using side-channel analysis,” explained Iain Thomson of The Register. “Side-channel attacks measure things like power consumption, electromagnetic emissions and heat generation to work out what is going on in a chip. The technique has been around for years, and requires physical access to the target device.”

Have you read our primer?
– Side-channel attacks: explained

As Thomson reports, Yu Yu and his university team tracked power levels using an oscilloscope, monitored data traffic with an MP300-SC2 protocol analyzer and correlated the results with a SIM card reader and a standard PC.

“With this simple setup they cracked eight commercial SIM cards in between 10 and 80 minutes,” said Thomson. “Yu [also] demonstrated how the cloned SIM card can successfully impersonate the owner in class [and] showed how a cloned card could change the password on an Alipay and potentially drain the account.”

According to Yu, the above-mentioned hack is based on known differential power analysis attacks.

“The move to AES-based encryption algorithms in 3G/4G USIM cards did not systematically take advantage of state-of-the-art countermeasures against side-channel attacks,” he added. “Indeed, the USIM cards we analyzed essentially relied on plain (unprotected) software implementations of the AES.”

Helena Handschuh, a Director at Rambus’ Cryptography Research division, co-designed the MILENAGE standard discussed in Yu’s Black Hat paper. According to Handschuh, AES-128/Rijndael was chosen for MILENAGE in 2001 so that side-channel countermeasures could be easily incorporated in a SIM-class platform.

“Yu Yu’s paper demonstrates once again that, even though these algorithms are mathematically strong and unbroken, all implementers of crypto need to be aware of side-channel attacks and take appropriate steps to mitigate them,” Handschuh concluded.

As we’ve previously discussed on Rambus Press, physical electronic systems routinely leak information about the internal process of computing. In practical terms, this means attackers can exploit various side-channel techniques to gather data and extract secret cryptographic keys.

As such, the Rambus Cryptography Research division has designed a range of DPA countermeasures that offer a combination of software, hardware and protocol techniques specifically designed to protect tamper-resistant devices from side-channel attacks. These include leak reduction, incorporating randomness, generating amplitude and temporal noise, as well as executing protocol-level countermeasures.

Interested in learning more about how Rambus is helping to secure SoCs, devices and content? You can read more about our DPA countermeasures here, CryptoFireWall Cores here and CryptoManager platform here.