Note: When clicking on a Digital Object Identifier (DOI) number, you will be taken to an external site maintained by the publisher.
Some full text articles may not yet be available without a charge during the embargo (administrative interval).
What is a DOI Number?
Some links on this page may take you to non-federal websites. Their policies may differ from this site.
-
Free, publicly-accessible full text available November 3, 2025
-
Free, publicly-accessible full text available October 1, 2025
-
Free, publicly-accessible full text available September 4, 2025
-
The threats of physical side-channel attacks and their countermeasures have been widely researched. Most physical side-channel attacks rely on the unavoidable influence of computation or storage on current consumption or voltage drop on a chip. Such data-dependent influence can be exploited by, for instance, power or electromagnetic analysis. In this work, we introduce a novel non-invasive physical side-channel attack, which exploits the data-dependent changes in the impedance of the chip. Our attack relies on the fact that the temporarily stored contents in registers alter the physical characteristics of the circuit, which results in changes in the die's impedance. To sense such impedance variations, we deploy a well-known RF/microwave method called scattering parameter analysis, in which we inject sine wave signals with high frequencies into the system's power distribution network (PDN) and measure the echo of the signals. We demonstrate that according to the content bits and physical location of a register, the reflected signal is modulated differently at various frequency points enabling the simultaneous and independent probing of individual registers. Such side-channel leakage challenges the t-probing security model assumption used in masking, which is a prominent side-channel countermeasure. To validate our claims, we mount non-profiled and profiled impedance analysis attacks on hardware implementations of unprotected and high-order masked AES. We show that in the case of the profiled attack, only a single trace is required to recover the secret key. Finally, we discuss how a specific class of hiding countermeasures might be effective against impedance leakage.more » « less
-
Contactless probing methods through the chip backside have been demonstrated to be powerful attack techniques in the field of electronic security. However, these attacks typically require the adversary to run the circuit under specific conditions, such as enforcing the switching of gates or registers with certain frequencies or repeating measurements over multiple executions to achieve an acceptable signal-to-noise ratio (SNR). Fulfilling such requirements may not always be feasible due to challenges such as low-frequency switching or inaccessibility of the control signals. In this work, we assess these requirements for contactless electron- and photon-based probing attacks by performing extensive experiments. Our findings demonstrate that E-beam probing, in particular, has the potential to outperform optical methods in scenarios involving static or low-frequency circuit activities.more » « less