ALL-IN-ONE PLATFORM
esDynamic
Manage your attack workflows in a powerful and collaborative platform.
Expertise Modules
Executable catalog of attacks and techniques.
Infrastructure
Integrate your lab equipment and remotely manage your bench.
Lab equipments
Upgrade your lab with the latest hardware technologies.
PHYSICAL ATTACKS
Side Channel Attacks
Evaluate cryptography algorithms from data acquitition to result visualisation.
Fault Injection Attacks
Laser, Electromagnetic or Glitch to exploit a physical disruption.
Security Failure Analysis
Explore photoemission and thermal laser stimulation techniques.
EXPERTISE SERVICES
Evaluation Lab
Our team is ready to provide expert analysis of your hardware.
Starter Kits
Build know-how via built-in use cases developed on modern chips.
Cybersecurity Training
Grow expertise with hands-on training modules guided by a coach.
ALL-IN-ONE PLATFORM
esReverse
Static, dynamic and stress testing in a powerful and collaborative platform.
Extension: Intel x86, x64
Dynamic analyses for x86/x64 binaries with dedicated emulation frameworks.
Extension: ARM 32, 64
Dynamic analyses for ARM binaries with dedicated emulation frameworks.
DIFFERENT USAGES
Penetration Testing
Identify and exploit system vulnerabilities in a single platform.
Vulnerability Research
Uncover and address security gaps faster and more efficiently.
Malevolent Code Analysis
Effectively detect and neutralise harmful software.
Digital Forensics
Collaboratively analyse data to ensure thorough investigation.
EXPERTISE SERVICES
Software Assessment
Our team is ready to provide expert analysis of your binary code.
Cybersecurity training
Grow expertise with hands-on training modules guided by a coach.
INDUSTRIES
Semiconductor
Security Labs
Governmental agencies
Academics
ABOUT US
Why eShard?
Our team
Careers
FOLLOW US
Linkedin
Twitter
Youtube
Gitlab
Github
The history of Side-channel
If you think that the resistance of a cryptographic algorithm relies only on the underlying recognized hard problem, you are wrong! Because we cannot make the necessary computation by ourselves, we need to get it done by an electronic device. This is here that a hacker can break the security!
Against all expectations, the resistance of cryptographic algorithms is not only related to the underlying hard problem evaluated by classical cryptanalysis to establish the difficulty to break the cryptosystem. Indeed, side-channel attacks have emerged as a prominent threat to information security, encompassing a wide range of techniques that exploit unintended information leakage from computing systems.
A bit of history
The history of side-channel attacks can be traced back to the late 20th century when researchers discovered that the physical implementation of cryptographic algorithms could unintentionally reveal valuable information. Rather than targeting the theoretical strength of algorithms, side-channel attacks make use of the “side information” exposed during the cryptographic operation, such as power consumption, electromagnetic radiation, execution timing, or sound emanations.
For example, variations in power consumption patterns during cryptographic operations or electromagnetic radiation emitted by the hardware can provide valuable insights into the computations being performed. Particularly, these side-channels are mostly related with the Hamming Weight (HW) or Hamming Distance (HD) of the intermediate data processed by the algorithm! In side-channel analysis literature, such side information collected during the cryptographic operation (encryption, decryption, signature generation, etc.) is referred to as traces.
Side-channel attacks have proven to be particularly effective against a variety of devices, including smart cards, embedded systems, and even modern CPUs. An unprotected Advanced Encryption Standard (AES) implementation can be broken in minutes by statistical analysis of a few hundred power traces, while there is no known practical attack to AES better than the brute force. Similarly, it is a well-known fact that a careless implementation of RSA reveals the secret exponent just by observing a single power trace.
As side-channel attacks gained attention, researchers and practitioners recognized the need to develop robust countermeasures to mitigate their impact and ensure the confidentiality of sensitive information. Cryptographers and hardware designers have been working to develop techniques that protect against side-channel attacks without compromising performance or usability.
Countermeasures often involve techniques like randomizing the inner computations at the heart of cryptographic algorithm breaking the link between the observable side-channel and the sensible information targeted by the attacker. Implementing cryptographic algorithms must be done with side-channel resistance in mind. It remains an ongoing challenge to address all possible side-channel leakage sources comprehensively. As technology evolves and adversaries refine their techniques, continual research, collaboration, and vigilance are crucial to stay ahead in the ever-evolving landscape of side-channel attacks.
Efficient Tooling for the Side-Channel Analyst
You may have heard about exploits by people equipped with an oscilloscope listening to a target device activity to retrieve some secrets. Depending on the standpoint, these people are called side-channel analysts or hackers.
The following post series explains the setup, data acquisition, signal processing, and attack focusing/variation for applying power/EM side-channel analysis to the attack surface of the target system. Stay tuned!
