%0 Conference Proceedings
%T How TrustZone Could Be Bypassed: Side-Channel Attacks on a Modern System-on-Chip
%+ Laboratoire de Haute Sécurité (LHS - Inria)
%+ Threat Analysis and Mitigation for Information Security (TAMIS)
%+ IMT Atlantique (IMT Atlantique)
%+ Département Systèmes Réseaux, Cybersécurité et Droit du numérique (IMT Atlantique - SRCD)
%+ Confidentialité, Intégrité, Disponibilité et Répartition (CIDRE)
%A Bukasa, Sebanjila, Kevin
%A Lashermes, Ronan
%A Le Bouder, Hélène
%A Lanet, Jean-Louis
%A Legay, Axel
%Z Part 3: Trusted Execution
%< avec comité de lecture
%( Lecture Notes in Computer Science
%B 11th IFIP International Conference on Information Security Theory and Practice (WISTP)
%C Heraklion, Greece
%Y Gerhard P. Hancke
%Y Ernesto Damiani
%I Springer International Publishing
%3 Information Security Theory and Practice
%V LNCS-10741
%P 93-109
%8 2017-09-28
%D 2017
%R 10.1007/978-3-319-93524-9_6
%K ARM TrustZone
%K Side-Channel Analysis (SCA)
%K Raspberry Pi 2
%Z Computer Science [cs]Conference papers
%X Side-channel attacks (SCA) exploit the reification of a computation through its physical dimensions (current consumption, EM emission, ...). Focusing on Electromagnetic analyses (EMA), such analyses have mostly been considered on low-end devices: smartcards and microcontrollers. In the wake of recent works, we propose to analyze the effects of a modern microarchitecture on the efficiency of EMA (here Correlation Power Analysis and template attacks). We show that despite the difficulty to synchronize the measurements, the speed of the targeted core and the activity of other cores on the same chip can still be accommodated. Finally, we confirm that enabling the secure mode of TrustZone (a hardware-assisted software countermeasure) has no effect whatsoever on the EMA efficiency. Therefore, critical applications in TrustZone are not more secure than in the normal world with respect to EMA, in accordance with the fact that it is not a countermeasure against physical attacks. For the best of our knowledge this is the first application of EMA against TrustZone.
%G English
%Z TC 11
%Z WG 11.2
%2 https://inria.hal.science/hal-01875521/document
%2 https://inria.hal.science/hal-01875521/file/469589_1_En_6_Chapter.pdf
%L hal-01875521
%U https://inria.hal.science/hal-01875521
%~ INSTITUT-TELECOM
%~ UNIV-RENNES1
%~ CNRS
%~ INRIA
%~ UNIV-UBS
%~ INSA-RENNES
%~ INRIA-RENNES
%~ IRISA
%~ IRISA_SET
%~ INRIA_TEST
%~ SUP_CIDRE
%~ TESTALAIN1
%~ IFIP-LNCS
%~ IFIP
%~ CENTRALESUPELEC
%~ INRIA2
%~ IFIP-TC
%~ IFIP-TC11
%~ UR1-HAL
%~ UR1-MATH-STIC
%~ IFIP-WISTP
%~ IFIP-WG11-2
%~ UR1-UFR-ISTIC
%~ CENTRALESUPELEC-SACLAY
%~ INRIA2017
%~ IMTA_SRCD
%~ CHAIRE-CYBERSECURITE
%~ TEST-UNIV-RENNES
%~ TEST-UR-CSS
%~ CENTRALESUPELEC-SACLAY-VP
%~ IRISA_IMTA
%~ UNIV-RENNES
%~ INRIA-RENGRE
%~ IMT-ATLANTIQUE
%~ IFIP-LNCS-10741
%~ INSTITUTS-TELECOM
%~ UR1-MATH-NUM