CHAPTER 19Side Channels
The hum of either army stilly sounds, That the fixed sentinels almost receive The secret whispers of each others' watch; Fire answers fire, and through their paly flames Each battle sees the other's umber'd face.
– WILLIAM SHAKESPEARE, KING HENRY V, ACT IV
Optimisation consists of taking something that works and replacing it with something that almost works but is cheaper.
– ROGER NEEDHAM
19.1 Introduction
Electronic devices such as computers and phones leak information in all sorts of ways. A side channel is where information leaks accidentally via some medium that was not designed or intended for communication; a covert channel is where the leak is deliberate. Side channel attacks are everywhere, and 3–4 of them have caused multi-billion dollar losses.
- First, there are conducted or radiated electromagnetic signals, which can compromise information locally and occasionally at longer ranges. These ‘Tempest’ attacks led NATO governments to spend billions of dollars a year on shielding equipment, starting in the 1960s. After the end of the Cold War, people started to realise that there had usually been nobody listening.
- Second, side channels leak data between tasks on a single device, or between devices that are closely coupled; these can exploit both power and timing information, and also contention for shared system resources. The discovery of Differential Power Analysis in the late 1990s held up the deployment of smartcards in banking and elsewhere ...
Get Security Engineering, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
