C3Subtitles: 30C3: Security of the IC Backside

Security of the IC Backside

The future of IC analysis

If you suspend your transcription on amara.org, please add a timestamp below to indicate how far you progressed! This will help others to resume your work!

Please do not press “publish” on amara.org to save your progress, use “save draft” instead. Only press “publish” when you're done with quality control.

Video duration
In the chain of trust of most secure schemes is an electronic chip that holds secret information. These schemes often employ cryptographically secure protocols. The weakest link of such a scheme is the chip itself. By attacking the chip directly an attacker can gain access to the secret data in its unencrypted form. In this presentation we demonstrate the attack class of the future, backside attacks. This class of attacks mitigate all device countermeasures and can access all signals of the device. As opposed to the attacks of today, these attacks can also be applied to complex systems such as the ARM SoCs of modern smartphones.

Over recent years hackers and chip manufacturers have been deadlocked in the field of integrated circuit security. From reverse engineering proprietary cryptographic algorithms and microprobing bus lines to fault injection and side cannel attacks, every class of attack has ushered in new preventative countermeasures. Most attacks to date are performed from the frontside where all the active areas and circuit nodes are accesible. Hence, all countermeasures, such as shields and meshes, also focus on mitigating attacks from the frontside. Security relevant signals are burried under many layers of metalization to make them inaccessible to frontside attackers.
The direct consequence is that backside attacks become significantly more appealing. With comprably little effort, many old-school attacks are once again possible. Setting or resetting fuses, probing wires or even single transistors is possible, not only with needles but with electron beams or lasers. More exotic attacks are feasible from the backside as well. For example, in switching transistors some of the electrons induce photons that can be seen with an infrared camera during execution. The opposite, i.e. iducing laser light, can also result in successful glitching attacks.
Currently, there are is little IC vendors can do to prevent such attacks.

Talk ID
Saal 1
9:45 p.m.
Security & Safety
Type of
Talk Slug & media link
0.0% Checking done0.0%
0.0% Syncing done0.0%
0.0% Transcribing done0.0%
100.0% Nothing done yet100.0%

English: Transcribed until

Last revision: 1 month, 4 weeks ago