AI Chat Paper
Note: Please note that the following content is generated by AMiner AI. SciOpen does not take any responsibility related to this content.
{{lang === 'zh_CN' ? '文章概述' : 'Summary'}}
{{lang === 'en_US' ? '中' : 'Eng'}}
Chat more with AI
PDF (4.8 MB)
Collect
Submit Manuscript AI Chat Paper
Show Outline
Outline
Show full outline
Hide outline
Outline
Show full outline
Hide outline
Open Access

Arm PSA-Certified IoT Chip Security: A Case Study

College of Computer Science and Software Engineering, Shenzhen University, Shenzhen 518060, China
Department of Electrical and Computer Engineering, the University of British Columbia, Vancouver, BC V6T 1Z4, Canada
Open Security Research, Inc., Shenzhen 518000, China
Show Author Information

Abstract

With the large scale adoption of Internet of Things (IoT) applications in people’s lives and industrial manufacturing processes, IoT security has become an important problem today. IoT security significantly relies on the security of the underlying hardware chip, which often contains critical information, such as encryption key. To understand existing IoT chip security, this study analyzes the security of an IoT security chip that has obtained an Arm Platform Security Architecture (PSA) Level 2 certification. Our analysis shows that the chip leaks part of the encryption key and presents a considerable security risk. Specifically, we use commodity equipment to collect electromagnetic traces of the chip. Using a statistical T-test, we find that the target chip has physical leakage during the AES encryption process. We further use correlation analysis to locate the detailed encryption interval in the collected electromagnetic trace for the Advanced Encryption Standard (AES) encryption operation. On the basis of the intermediate value correlation analysis, we recover half of the 16-byte AES encryption key. We repeat the process for three different tests; in all the tests, we obtain the same result, and we recover around 8 bytes of the 16-byte AES encryption key. Therefore, experimental results indicate that despite the Arm PSA Level 2 certification, the target security chip still suffers from physical leakage. Upper layer application developers should impose strong security mechanisms in addition to those of the chip itself to ensure IoT application security.

References

【1】
【1】
 
 
Tsinghua Science and Technology
Pages 244-257

{{item.num}}

Comments on this article

Go to comment

< Back to all reports

Review Status: {{reviewData.commendedNum}} Commended , {{reviewData.revisionRequiredNum}} Revision Required , {{reviewData.notCommendedNum}} Not Commended Under Peer Review

Review Comment

Close
Close
Cite this article:
Chen F, Luo D, Li J, et al. Arm PSA-Certified IoT Chip Security: A Case Study. Tsinghua Science and Technology, 2023, 28(2): 244-257. https://doi.org/10.26599/TST.2021.9010094

2393

Views

213

Downloads

16

Crossref

10

Web of Science

16

Scopus

0

CSCD

Received: 28 July 2021
Revised: 12 December 2021
Accepted: 13 December 2021
Published: 29 September 2022
© The author(s) 2023.

The articles published in this open access journal are distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/).