Flash memory 'bumping' attacks
CHES'10 Proceedings of the 12th international conference on Cryptographic hardware and embedded systems
When failure analysis meets side-channel attacks
CHES'10 Proceedings of the 12th international conference on Cryptographic hardware and embedded systems
Blind cartography for side channel attacks: cross-correlation cartography
International Journal of Reconfigurable Computing - Special issue on Selected Papers from the International Conference on Reconfigurable Computing and FPGAs (ReConFig'10)
Simple photonic emission analysis of AES: photonic side channel analysis for the rest of us
CHES'12 Proceedings of the 14th international conference on Cryptographic Hardware and Embedded Systems
Differential photonic emission analysis
COSADE'13 Proceedings of the 4th international conference on Constructive Side-Channel Analysis and Secure Design
Hi-index | 0.00 |
This paper shows that optical emissions from an operating chip have a good correlation with power traces and can therefore be used to estimate the contribution of different areas within the chip. I present a low-cost approach using inexpensive CCD cameras. The technique was used to recover data stored in SRAM, EEPROM and Flash of a 0.9 µm microcontroller. The result of a backside approach in analysing a 0.13 µm chip is also presented. Practical limits for this analysis in terms of sample preparation, operating conditions and chip technology are also discussed. Optical emission analysis can be used for partial reverse engineering of the chip structure by spotting the active areas. This can assist in carrying out optical fault injection attacks later, thereby saving the time otherwise required for exhaustive search.