HOW THE ANALYSIS OF ELECTRICAL CURRENT CONSUMPTION OF EMBEDDED SYSTEMS COULD LEAD TO CODE REVERSING?

Black Hat USA 2012

Presented by: Julien Moinard, Yann Allain
Date: Wednesday July 25, 2012
Time: 11:45 - 12:45
Location: Augustus V+VI
Track: Lower Layers

A practical approach to Power Analysis dedicated to reverse engineering

This submission presents an experimental protocol developed to extract (part of) the code that runs on an embedded system using its power consumption.

Experimental content (no math!), proof of concept, tools, limits, protections and prospective

The purpose of our study is to try to show how the analysis of the electrical consumption of an embedded system enables us to find parts of the code that it executes; this is done by presenting an operating mode, tools, a solid analysis, results, countermeasures and future research axes. It is all about trying to find another approach to the audit system. This approach aims at acquiring the code (reverse engineering) without having physical access to the internal system components.

Our submission will consist of a quick presentation of the physical phenomenon at the origin of this type of information leak, confirming whether a sequence of instructions (opcode and data) can be found (reversed) by analysing the electrical current used by the embedded system during the execution of a program, assessing and then overcoming the technical difficulties in achieving this (signal acquisition, treatment and analysis, limits…), and presenting a proof of concept and possible countermeasures to limit the risks.

Yann Allain

Yann ALLAIN is the founder and current director of the OPALE SECURITY company (www.opale-security.eu). He graduated from a computer and electronic engineering school (Polytech - Université Pierre et Marie Curie). After a time in the electronics industry as an engineer in embedded system conception, he made a career move towards IT. He started as a production manager for a company in the financial sector (Private Banking), and evolved towards IT security when he became part of the ACCOR group, where he was in charge of applicative security for the group. He has 18 years of experience, 14 of which were dedicated to IT system and embedded system security. OPALE SECURITY deals with research projects linked, amongst other things, to the security of embedded systems (http://www.opale-security.eu/innovation-information-systems-security.html).

Julien Moinard

Julien Moinard is an electronics technician with a solid background in this field (over 7 years), associated with many personal and professional experiments in the field of microcontrollers. Furthermore, he contributes to training 1st year students in an electrical engineering and industrial computing DUT (2-year technical degree). He is in the 2nd year of this program.

