Featured Research

from universities, journals, and other organizations

How safe is your swipe? Thinking like hackers, programmers find security loopholes in 'secure' microchips

Date:
September 27, 2010
Source:
American Friends of Tel Aviv University
Summary:
Researchers in Israel have developed an innovative way of extracting information from chip technology. By combining modern cryptology methods with constraint programming -- an area of computer science designed to solve a series of complex equations -- the researchers were able to extract more information from secure chips.

Researchers have developed an innovative way of extracting information from chip technology by combining modern cryptology methods with constraint programming.
Credit: iStockphoto

Used in a variety of products from credit cards to satellite televisions, secure chips are designed to keep encoded data safe. But hackers continue to develop methods to crack the chips' security codes and access the information within.

Thinking like hackers, Prof. Avishai Wool and his Ph.D. student Yossi Oren of Tel Aviv University's School of Electrical Engineering have developed an innovative way of extracting information from chip technology. By combining modern cryptology methods with constraint programming -- an area of computer science designed to solve a series of complex equations -- Prof. Wool and Oren were able to extract more information from secure chips. Their research, which could lead to important new advances in computer security, was recently presented at the 12th Workshop on Cryptographic Hardware and Embedded Systems (CHES) in Santa Barbara, CA.

Prof. Wool explains that cryptologists like himself try to stay one step ahead of attackers by thinking the way they do. "Companies need to know how secure their chip is, and how it can be cracked," he explains. "They need to know what they're up against."

Blocking out the "noise"

According to the researchers, the Achilles-heel of contemporary secure chips can be found in the chip's power supply. When a chip is in use, says Prof. Wool, it employs a miniscule amount of power. But the amount of this power, and how it fluctuates, depends on the kind of information the chip contains. By measuring the power fluctuations with an oscilloscope, a standard piece of lab equipment, and analyzing the data using appropriate algorithms, a potential hacker could decipher the information that the chip contains.

But extracting information in this way, through what the researchers call a "side channel," can be complex. When you do a power trace, says Prof. Wool, there is a lot of "noise" -- inaccuracies that result from the different activities the chip is doing at the time. He and Oren have now identified a method for blocking out the "noise" that has proved to be more effective than previous methods.

When applied to information gathered from a power source, a computer program like the one Prof. Wool and Oren have created can sort through this "noise" to deliver a more accurate analysis of a chip's secret contents. Their program is based in "constraint programming" -- the same computer programming approach used for complex scheduling programs like those used in the travel industry.

Knowing your enemy

No chip can be 100% secure, Prof. Wool admits. But he also stresses that it's important to explore the boundaries of how secure information can be extracted from these chips. An attacker could have access to a variety of computer technologies and equipment -- so researchers need to know the type of resources required to break a code, explains Prof. Wool. He has provided information to U.S. passport authorities on how to make the chips in passports more secure.

"We need to think like the attackers," he says, "in order to raise the bar against them."


Story Source:

The above story is based on materials provided by American Friends of Tel Aviv University. Note: Materials may be edited for content and length.


Cite This Page:

American Friends of Tel Aviv University. "How safe is your swipe? Thinking like hackers, programmers find security loopholes in 'secure' microchips." ScienceDaily. ScienceDaily, 27 September 2010. <www.sciencedaily.com/releases/2010/09/100920123914.htm>.
American Friends of Tel Aviv University. (2010, September 27). How safe is your swipe? Thinking like hackers, programmers find security loopholes in 'secure' microchips. ScienceDaily. Retrieved October 23, 2014 from www.sciencedaily.com/releases/2010/09/100920123914.htm
American Friends of Tel Aviv University. "How safe is your swipe? Thinking like hackers, programmers find security loopholes in 'secure' microchips." ScienceDaily. www.sciencedaily.com/releases/2010/09/100920123914.htm (accessed October 23, 2014).

Share This



More Computers & Math News

Thursday, October 23, 2014

Featured Research

from universities, journals, and other organizations


Featured Videos

from AP, Reuters, AFP, and other news services

Chameleon Camouflage to Give Tanks Cloaking Capabilities

Chameleon Camouflage to Give Tanks Cloaking Capabilities

Reuters - Innovations Video Online (Oct. 22, 2014) — Inspired by the way a chameleon changes its colour to disguise itself; scientists in Poland want to replace traditional camouflage paint with thousands of electrochromic plates that will continuously change colour to blend with its surroundings. The first PL-01 concept tank prototype will be tested within a few years, with scientists predicting that a similar technology could even be woven into the fabric of a soldiers' clothing making them virtually invisible to the naked eye. Matthew Stock reports. Video provided by Reuters
Powered by NewsLook.com
Internet of Things Aims to Smarten Your Life

Internet of Things Aims to Smarten Your Life

AP (Oct. 22, 2014) — As more and more Bluetooth-enabled devices are reaching consumers, developers are busy connecting them together as part of the Internet of Things. (Oct. 22) Video provided by AP
Powered by NewsLook.com
Google's Inbox Is The Latest Gmail Competitor

Google's Inbox Is The Latest Gmail Competitor

Newsy (Oct. 22, 2014) — Google's new e-mail app is meant for greater personalization and allows users to better categorize their mail, but Gmail isn't going away just yet. Video provided by Newsy
Powered by NewsLook.com
Free Math App Is A Teacher's Worst Nightmare

Free Math App Is A Teacher's Worst Nightmare

Newsy (Oct. 22, 2014) — New photo-recognition software from MicroBlink, called PhotoMath, solves linear equations and simple math problems with step-by-step results. Video provided by Newsy
Powered by NewsLook.com

Search ScienceDaily

Number of stories in archives: 140,361

Find with keyword(s):
 
Enter a keyword or phrase to search ScienceDaily for related topics and research stories.

Save/Print:
Share:  

Breaking News:

Strange & Offbeat Stories

 

Space & Time

Matter & Energy

Computers & Math

In Other News

... from NewsDaily.com

Science News

Health News

Environment News

Technology News



Save/Print:
Share:  

Free Subscriptions


Get the latest science news with ScienceDaily's free email newsletters, updated daily and weekly. Or view hourly updated newsfeeds in your RSS reader:

Get Social & Mobile


Keep up to date with the latest news from ScienceDaily via social networks and mobile apps:

Have Feedback?


Tell us what you think of ScienceDaily -- we welcome both positive and negative comments. Have any problems using the site? Questions?
Mobile iPhone Android Web
Follow Facebook Twitter Google+
Subscribe RSS Feeds Email Newsletters
Latest Headlines Health & Medicine Mind & Brain Space & Time Matter & Energy Computers & Math Plants & Animals Earth & Climate Fossils & Ruins