« Back to Blog
Side Channel Attacks: What They Are and How to Prevent Them
By Jordan Iriarte
Dec 28, 2017
In modern times as data becomes more secure with encryption, there are certain attacks that you may not be aware of. One specific type of attack is called a side-channel attack.
What is a side-channel attack?
Side-channel attacks rely on measuring tendencies and frequencies of your computer to establish patterns that can extract private information from your machine.
Side-channel attacks or SCA, monitor your power use and electromagnetic emissions during cryptographic operations. Due to the low cost and simplicity of these attacks, multiple side-channel techniques can be used. Here is a list of the different techniques:
- Cache Attack — Monitor your cache accesses in a shared physical system. Commonly found in virtualized environment or a type of cloud service.
- Timing Attack — Monitor the time of computations and establishing patterns.
- Power-Monitoring Attack — Monitor the power consumption by the hardware during computation.
- Electromagnetic Attack — Based on leaked electromagnetic radiation, which can directly provide plain texts and other information. Such measurements can be used to infer cryptographic keys using techniques equivalent to those in power analysis or can be used in non-cryptographic attacks.
- Acoustic Cryptanalysis — Exploits sound produced during a computation (rather like power analysis).
- Differential Fault Analysis — Secrets are discovered by introducing faults in a computation.
- Data Remanence — Sensitive data are read after supposedly having been deleted.
- Software-Initiated Fault Attacks — Currently a rare class of side-channels, row hammer is an example in which off-limits memory can be changed by accessing adjacent memory too often (causing state retention loss).
- Optical - Secrets and sensitive data can be read by visual recording using a high resolution camera, or other devices that have such capabilities (see examples below).
Different ways to help prevent these attacks have been introduced but not widely implemented. A few ways to try to prevent these attacks are:
- Eliminating the release of private information or making sure this information is unrelated to your private data.
- Power line conditioning and filtering to deter power-monitoring attacks as well as emitting a channel with noise.
- Blinding technique that serves to alter the algorithm’s input into some unpredictable state rendering some or all of the leakage of useful information.
Once your keys are established, hackers could gain access to your data and could increase your chances of corruption or removal. Side-channel and other types of cyberattacks are one of the key reasons you should always have redundant backups running using a service like Jungle Disk and another form of backup such as an external hard drive or network attached storage device.