Engineers demonstrate two security methods that effectively protect analog-to-digital converters against powerful attacks aimed at stealing user data.
Researchers are racing against hackers to develop stronger protections that shield data from malicious agents who would steal information by eavesdropping on smart devices.
Much of the effort to prevent these “side channel attacks” has focused on the vulnerability of digital processors. Hackers, for example, can measure the electrical current consumed by a smartwatch’s processor and use it to reconstruct secret data being processed, such as a password.
MIT researchers recently published an article in the IEEE Journal of Solid-State Circuits demonstrating that the analog-to-digital converters (ADCs) in smart devices, which encode real-world signals from sensors into digital values a processor can work on, are vulnerable to power side-channel attacks. A hacker could measure the ADC’s supply current and use machine-learning algorithms to reconstruct its output data with high accuracy.
Now, in two new research papers, engineers show that analog-to-digital converters are also susceptible to a stealthier form of side-channel attack and describe techniques that effectively block both attacks. Their techniques are more effective and less expensive than other security methods.
Minimizing power consumption and cost is critical for portable smart devices, says Hae-Seung Lee, the Advanced Television and Signal Processing Professor of Electrical Engineering, director of the Microsystems Technology Laboratories and senior author of the latest research paper.
“Side channel attacks are always a game of cat and mouse. If we hadn’t done the work, hackers would most likely have found these methods and used them to attack analog-to-digital converters, so we anticipate the action of hackers,” he adds.
Joining Lee on the paper are first author and graduate student Ruicong Chen; graduate student Hanrui Wang; and Anantha Chandrakasan, Dean of the MIT School of Engineering and Vannevar Bush Professor of Electrical Engineering and Computer Science. The research will be presented at the IEEE Symposium on VLSI Circuits. A related article, written by first author and graduate student Maitreyi Ashok; Edlyn Levine, formerly with MITRE and now Scientific Director of America’s Frontier Fund; and senior author Chandrakasan, was recently presented at the IEEE Custom Integrated Circuits Conference.
The authors of the IEEE Journal of Solid-State Circuits article are lead author Taehoon Jeong, who was a graduate student at MIT and now works at Apple, Inc.; Chandrakasan; and Lee, a senior author.
A non-invasive attack
To conduct a power side channel attack, a malicious agent typically solders a resistor onto the device’s circuit board to measure its power consumption. But an electromagnetic side channel attack is non-invasive; the agent uses an electromagnetic probe that can monitor the electrical current without touching the device.
The researchers showed that an electromagnetic side-channel attack was just as effective as a power side-channel attack on an analog-to-digital converter, even when the probe was held 1 centimeter from the chip. A hacker could use this attack to steal private data from an implantable medical device.
To thwart these attacks, the researchers added randomization to the ADC conversion process.
An ADC takes an unknown input voltage, perhaps from a biometric sensor, and converts it to a digital value. To do this, a common type of ADC sets a threshold at the center of its voltage range and uses a circuit called a comparator to compare the input voltage to the threshold. If the comparator decides the input is larger, the ADC sets a new threshold in the upper half of the range, otherwise in the lower half, and runs the comparator again.
This process continues until the unknown range becomes so small that it can assign a numeric value to the input.
The ADC typically sets thresholds using capacitors, which draw different amounts of electrical current as they switch. An attacker can monitor the supply current and use it to train a machine-learning model that reconstructs the output data with surprising precision.
Randomization of the process
To avoid this, Ashok and her collaborators used a random number generator to decide when each capacitor switches. This randomization makes it much more difficult for an attacker to correlate the supply current with the output data. Their technique also keeps the comparator running all the time, preventing an attacker from determining when each stage of the conversion started and ended.
“The idea is to break what would normally be a binary search process into smaller chunks where it becomes unclear which stage of the binary search process you are at. By introducing some randomness into the conversion, the leak is independent of what the individual operations are,” says Ashok.
Chen and his collaborators have developed an ADC that randomizes the starting point of the conversion process. This method uses two comparators and an algorithm to randomly set two thresholds instead of one, so there are millions of possible ways for an ADC to arrive at a digital output. This makes it nearly impossible for an attacker to correlate a power waveform to a digital output.
Using two thresholds and splitting the chip into two halves not only allows for random starting points, but also removes any speed penalty, allowing it to run nearly as fast as a standard ADC.
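The binary search described above, and the effect of randomizing its starting point, can be made concrete with a small simulation. The following is an added example, not code from the papers or from the MIT group: it models an idealized N-bit SAR ADC in which each comparison is recorded as a (threshold, decision) pair, standing in for the capacitor switching that a power or EM probe would observe. The standard conversion always walks the same path for a given output code; the randomized variant is a simplified model (an assumption, not the published two-comparator algorithm) in which two randomly chosen thresholds split the range into three parts and an ordinary binary search finishes inside the selected part, so the same input takes many different paths while the output code is unchanged. `starting_point_count` counts the distinct threshold pairs this model can start from; for 12 bits it is in the millions, which is the scale the article describes.

```python
import math
import random

# Constructed example (not the paper's circuit): an idealized N-bit SAR ADC model.
# The input is a normalized voltage v in [0, 1); the output code is floor(v * 2**N).
# Each comparison is logged as (threshold_code, decision) so the decision path that
# DAC switching activity would expose can be inspected.


def _binary_search(v, lo, hi, full, trace):
    """Finish a conversion by standard SAR binary search over candidate codes [lo, hi)."""
    while hi - lo > 1:
        mid = (lo + hi) // 2
        above = v >= mid / full          # comparator: input vs. threshold voltage
        trace.append((mid, above))
        if above:
            lo = mid
        else:
            hi = mid
    return lo


def sar_convert(v, bits):
    """Standard SAR ADC: one fixed threshold per cycle, starting at mid-range.
    Returns (code, trace); the trace is a deterministic function of the code."""
    trace = []
    code = _binary_search(v, 0, 1 << bits, 1 << bits, trace)
    return code, trace


def randomized_sar_convert(v, bits, rng=None):
    """Simplified randomized-start conversion (assumption, not the paper's exact scheme):
    two distinct random thresholds are compared against at once (two comparators),
    selecting one of three sub-ranges; binary search then completes inside it."""
    rng = rng or random.Random()
    full = 1 << bits
    t1, t2 = sorted(rng.sample(range(1, full), 2))   # random starting thresholds
    above1 = v >= t1 / full
    above2 = v >= t2 / full
    trace = [(t1, above1), (t2, above2)]
    if above2:
        lo, hi = t2, full
    elif above1:
        lo, hi = t1, t2
    else:
        lo, hi = 0, t1
    code = _binary_search(v, lo, hi, full, trace)
    return code, trace


def distinct_trace_count(v, bits, runs, randomized, seed=0):
    """Number of different decision paths one input produces over `runs` conversions.
    Also checks that randomization never changes the output code."""
    rng = random.Random(seed)
    expected, _ = sar_convert(v, bits)
    paths = set()
    for _ in range(runs):
        if randomized:
            code, trace = randomized_sar_convert(v, bits, rng)
        else:
            code, trace = sar_convert(v, bits)
        assert code == expected, "randomized conversion must give the same code"
        paths.add(tuple(trace))
    return len(paths)


def starting_point_count(bits):
    """Distinct (t1, t2) starting pairs in this model: C(2**bits - 1, 2)."""
    return math.comb((1 << bits) - 1, 2)


if __name__ == "__main__":
    v = 0.37   # constructed input; 8-bit code is floor(0.37 * 256) = 94
    print("deterministic paths over 200 runs:", distinct_trace_count(v, 8, 200, False))
    print("randomized paths over 200 runs:   ", distinct_trace_count(v, 8, 200, True))
    print("12-bit starting pairs:", starting_point_count(12))
```

With the deterministic converter, every conversion of the same input yields exactly one path, which is why a model trained on supply-current traces can map them back to output codes. In the randomized model, the path for one input differs almost every run, yet `sar_convert` and `randomized_sar_convert` always agree on the code, which is the property the article attributes to both protections: the leak is decorrelated from the output without changing the result.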
Both methods are resilient against power and electromagnetic side channel attacks without impairing ADC performance. Ashok’s method required only 14% more chip area, while Chen’s required no additional area. Both consume much less power than other secure ADCs.
Each technique is adapted to a specific use. The scheme developed by Ashok is simple, which makes it well suited for low-power applications like smart devices. Chen’s more complex technique is designed for high-throughput applications like video processing.
“In the last half century of ADC research, people have focused on improving power, performance, or circuit surface area. We have shown that it is also extremely important to consider the security side of ADCs. We have new dimensions for designers to consider,” says Chen.
Now that they have shown the effectiveness of these methods, the researchers plan to use them to develop detection chips. In these chips, the protection would only activate when the chip detects a side-channel attack, which could increase power efficiency while maintaining security.
“To create secure devices with low power consumption, it is necessary to optimize each component of the system. The notion of secure analog and mixed-signal circuits is a relatively new and important direction of research. Our research shows that it is possible to essentially infer the data at the output of analog-to-digital converters with high accuracy by taking advantage of advances in machine learning and fine-grained measurement techniques,” Chandrakasan says. “Through optimized circuit methods such as optimization of switching patterns, it is possible to create secure power and EM side channel circuits, enabling fully secure systems. This is going to be critical in applications such as healthcare, where data privacy is essential.”
“S2ADC: A 12-bit, 1.25-MS/s Secure SAR ADC With Power Side-Channel Attack Resistance” by Taehoon Jeong, Anantha P. Chandrakasan, and Hae-Seung Lee, October 13, 2020, IEEE Journal of Solid-State Circuits.
“Randomized Switching SAR (RS-SAR) ADC Protections for Power and Electromagnetic Side Channel Security” by Maitreyi Ashok, Edlyn V. Levine, and Anantha P. Chandrakasan, May 18, 2022, IEEE Custom Integrated Circuits Conference (CICC) 2022.
The research is funded, in part, by the MITRE Innovation Program, the National Science Foundation Graduate Research Fellowship Program, the MathWorks Engineering Fellowship, the Defense Advanced Research Projects Agency, the Office of Naval Research, Analog Devices, and the MIT Center for Integrated Circuits and Systems. The prototype chips were fabricated under the TSMC University Shuttle Program.