FoxPointe Security Hub

Side Channel Attacks & How to Prevent Them

Access Management

This article was written by Jessica Ramirez, Security Consultant at FoxPointe Solutions.

In 2018, one of the most well-known side-channel attacks was discovered. The Spectre and Meltdown attack was noteworthy because of how the exploitation affected almost every modern computer processor using software alone, making it difficult to detect. There was a specific technique called “speculative execution” that created a vulnerability in the computer processers. This technique which allows a processor (CPU) to perform a series of tasks before it is prompted, in order to have the information ready if it is required in the future, created a vulnerability due to the processer handling sensitive data before it checked whether the user had permission to access that data.  Spectre and Meltdown was able to exploit this vulnerability by tricking the processor into executing instructions that would not normally be executed, then used a side-channel analysis to infer the sensitive data that was being processed. This allowed attackers to steal sensitive data from a wide range of devices.

In the case above, the attacker was able to use a side-channel attack, which is a type of cyber-attack that is used to extract sensitive data by taking advantage of vulnerabilities in a computer system’s hardware or software such as: shared system resources, timing information, power consumption and electromagnetic emissions. These types of attacks are serious threats to data security and are becoming more common obstacles as technology evolves and becomes more advanced.  It’s important for organizations to understand the threats that side-channel attacks can pose since they do not rely on traditional hacking techniques but instead exploit weaknesses in an organization’s systems’ design or implementation to gain unauthorized access.

There is a growing number of side-channel attacks that organizations should consider.

Some of the Most Common Attacks Seen Are:

  • Timing Attacks: a security exploit that discovers vulnerabilities in the computer or network system by carefully measuring the length of time taken for a system to respond to different inputs. This method enables an attacker to deduce sensitive information (ex. encryption keys)
  • Power Analysis: attackers analyze the power consumption of a system.
  • Electromagnetic Attacks: attackers study the electromagnetic radiation emitted by a system.
  • Template Attack: attackers can create ‘profiles’ of sensitive devices and apply these profiles to find victims’ secret keys.

How to Prevent Side-Channel Attacks:

  1. Using Strong Cryptography

One of the most important ways to prevent side-channel attacks is the use of strong cryptography. An organization should use encryption algorithms that are resistant to various types of attacks, including but not limited to side-channel attacks. The use of strong cryptography also allows an organization to ensure that encryption keys are generated and stored securely.

  1. Secure Hardware

Using secure hardware can ensure that an organization’s hardware is designed to resist attacks such as: power analysis, electromagnetic and template attacks. Protecting against physical tampering, using hardware security modules and implementing physical a logical access controls are some of the many ways of securing hardware.

  1. Updating Software and Firmware on a Regular Basis:

Administrators should vigilantly monitor their entire systems for known vulnerabilities and keep software up to date to prevent these kinds of attacks. Having procedures in place to ensure regular updates can reduce the likelihood of successful attacks.

  1. Implementing Countermeasures

Having countermeasures in place makes it harder for attackers to extract useful information from side channels. Types of common countermeasures are: randomizing instruction timing, applying masking to hide sensitive data.

  1. Performing Regular Security Audits or Assessments

Whether it’s done internal or by a third party, regularly performing security audits or assessments can identify and address vulnerabilities that could be exploited by side channels.