AI, Deep Learning & Other attacks

There are many different ways to try to breach the walls of silicon safety that harbors the secret keys used to authenticate, sign and encrypt. While invasive attacks will try to modify physical properties of the chip to steal its secrets, non-invasive ones focus mostly on observational and analytical techniques. SEALSQ chips are armored with countermeasures to resist these breaching attempts. Here are a few examples of what our Secure Chips countermeasures are being proof-tested against.

Physical attacks (Invasive)

Specific tools used in the microelectronics industry (etching, FIB etc.) can enable access or modification of an Integrated Circuit by removing or adding material. With this kind of tools, a hacker can extract internal signals or manipulate connections inside the silicon device by adding or cutting “wires” inside the silicon. As an outcome the hacker may access secret data, disable security features to make another attack easier or force internal signals to gain control.

Perturbation Attacks (Semi-Invasive)

Perturbation attacks change the normal behavior in order to create an exploitable error during the operation of Silicon Device. The functionality is changed either by operating the circuit outside its intended operating environment or by applying one or more external sources of energy during the operation. These energy sources can be applied at different times and/or places on the device. Creating faults can be used to recover secrets, to change the results of validation such as authentication or lifecycle state checks, to change the program flow, or to provide unauthorized access to protected memory. Example of typical perturbations are Clock glitch, Voltage glitch, Electro-Magnetic glitch…

Side-Channel analysis (non invasive)

A side-channel attack on a microchip is a type of security attack that targets secret information processed by the microchip by exploiting unintended channels of information leakage that are linked to physical properties such as timing characteristics, power consumption, or electromagnetic radiation. These channels can reveal information about the internal workings of the microchip, such as the data being processed or the secret key used in a cryptographic operation. The outcome of a side-channel attack may be as simple as finding a characteristic trigger point for launching other attacks or as complete as the secret key used in a cryptographic operation.

Side-Channel & Deep Learning (non invasive)

The combination of deep learning and side-channel analysis can provide greater accuracy and efficiency compared to traditional methods and enable the discovery of new attack vectors. Deep learning is a class of AI algorithms that extract higher-level features from data by the application of multiple layers. Deep learning algorithms automatically learn how the relevant information induced in the data should be combined in order to correctly classify it. This approach can be combined to a side-channel attack to extract the secret key from a set of power consumption and/or electromagnetic emanations. While the side-channel attacks are based on strong mathematical foundations, the deep learning models can be difficult to fully understand and are often seen as black-boxes.

Report

ANSSI Views on PQC

Download the summary of ANSSI views on Post Quantum Cryptography transition

Download

Article

NIST 4th round

Read NIST PQC algorithm selection process 4th round results

Read

AI, Deep Learning

and other attacks

Different forms of attack