Our critical personal data is stored across a vast range of devices. Whether it be the biometric chip in your passport, the chip in your credit card, the GPS data in your phone or Apple Pay/Google Wallet on your phone or smartwatch, our personal data is stored across more devices than ever before.
Consequently, the ability to manipulate that information has never been easier. Cryptographic systems within the hardware of these devices seek to protect your critical data from manipulation, but what protects these systems from attacks?
Hackers are using ever more sophisticated tools and methods to read and manipulate our sensitive data stored within these systems.
Anti-tamper IP such as clock attack monitors and voltage glitch detectors play a vital role in detecting security attacks which involve the manipulation of clock signals or voltage levels to exploit vulnerabilities in electronic systems, which otherwise may result in the leaking of sensitive data.
Successful deployment of these technologies can stop attackers from gaining unauthorised access to these systems and avoid damage to critical infrastructure or the extraction of confidential information.
The role of clock attack monitors
Clock attacks, which are becoming increasingly common, involve manipulating the clock signal that controls the timing of operations in a microprocessor.
By physically altering the clock’s frequency or timing an attacker can force a change in the system, exposing vulnerabilities or data.
Clock attack monitors closely follow the frequency and timing of the clock signal that enables the system’s operations. Any irregularity in these signals, like sudden changes in frequency or unforeseen delays, can be an indication of a potential attack. If variations in the clock signal are identified, the monitor can initiate a number of countermeasures, such as going into safe mode, starting a reset or sending alerts, so the system and its sensitive information are protected.
Clock attack monitors also help to ensure the reliability of the system, as rigorous ongoing tracking means that the system operates within strict parameters.
The secure area within a microprocessor and a SoC (System-on-Chip) involves sensitive computations, such as key generation or encryption, which rely heavily on precise timing. Therefore, these are vulnerable to clock attacks that can exploit timing-dependent processes and weaken cryptographic defences.
For embedded systems and IoT devices anti-tamper tools are also important. Using a clock attack monitor means that if an IoT device’s clock is being manipulated to influence sensor readings it can be detected.
An attack of this nature could be very dangerous if, for example, the target is something like a smart medical device assessing a patient’s heart rate remotely.
The role of voltage glitch detectors
Voltage glitching attacks occur when an attacker tampers with the power supply of a device.
Even minor voltage fluctuations can result in vulnerabilities, allowing attackers to bypass security features or impact on the system’s operations. Voltage glitch detectors continuously monitor the power supply to make sure that it remains within the predicted ranges. When an unexpected difference in voltage is identified, this will trigger an alert and the system may even be shut down to prevent damage or data leaks.
Attackers attempt to create voltage drops or spikes to introduce errors that enable them to break encryption algorithms. Voltage glitch detectors help prevent this by constantly verifying the integrity of the power supply, reducing the chances of attack success.
Voltage glitch detectors play a crucial part in tamper detection, especially in organisations where security is a fundamental requirement, such as those with financial systems, defence equipment and cryptographic devices. In smartcards, secure microcontrollers or cryptographic hardware, voltage glitch detectors are deployed so that an attempt to manipulate the power supply can be exposed.
Anti-tamper tools working together
Clock attack monitors and voltage glitch detectors working together can offer a comprehensive multi-layered anti-tamper solution. Having both forms of detection is highly recommended as attackers are increasingly using a combination of clock manipulation and voltage glitching techniques.
For example, voltage glitches can directly impact on timing behaviour, so manipulating the clock signal may not be the only way that an attacker can try to cause timing errors. Using a clock attack monitor and voltage glitch detector ensures that the system can identify and mitigate this tampering. Put simply, these detectors add an extra layer of complexity, so it is much more difficult for an attacker to compromise or gain access to a system, and there is a greater chance of discovering an attack attempt.
The fact that clock attack monitors and voltage glitch detectors both provide real-time tracking and reaction is also key. Attackers usually only have a limited amount of time, so swift detection and an immediate response will be a problem for them. Once an alert is made then security protocols are quickly activated. Also, any detected tampering can be logged for further detailed analysis – so even if attackers go away, they may later be identified and punished.
Recent advances
As SoC security threats continue to grow across the globe it is important that organisations implement anti-tamper solutions.
Clock attack monitors and voltage glitch detectors have a vital role to detect attacks that manipulate timing and voltage levels to exploit vulnerabilities.
Recently there have been new product advances in this space. Agile Analog offers customisable multi-process analogue IP, including anti-tampering solutions, that can be seamlessly integrated into any SoC. There is a clock attack monitor known as agileCAM and a voltage glitch detector known as agileVGLITCH.
Above: Agile Analog's agileVGLITCH solution
The agileCAM product is a new mixed-signal ring oscillator-based clock attack monitor that is designed to detect clock attacks involving changes in clock frequency, clock hold and clock glitch errors. It provides frequency measurement with programmable alarm thresholds.
The agileVGLITCH product is an enhanced voltage glitch detector with programmable thresholds that identifies voltage side-channel attacks (SCAs) and tampering, such as supply voltage changes/glitches and power supply manipulation.
In a world where the frequency and severity of security attacks are clearly on the rise, clock attack monitors and voltage glitch detectors are becoming indispensable anti-tampering tools needed by organisations to maintain the security of critical infrastructure, confidentiality of data and reliability of electronic systems.
Author details: Chris Morrison, VP Product Marketing, Agile Analog
