A Low Area Probing Detector for Security ICs

Microprobing is an attack technique against integrated circuits implementing security functions, such as OTP tokens or smartcards. It allows intercepting secrets from onchip wires as well as injecting faults for other attacks. While the attack procedure of etching open the chip package and removing the passivation layer may sound complicated and expensive, Maier and Nohl showed in 2012 that microprobing is feasible for low-budget adversaries. However, existing protection techniques against microprobing, such as active shields, redundancy of core components, or analog detection circuits containing large capacitors, are expensive. In this paper, we present a low cost Low Area Probing Detector (LAPD). It measures minimal timing differences between on-chip bus lines caused by the capacitive load of microprobes. This is achieved by evaluating race conditions between two inputs of a latch. Compared to previous approaches, the LAPD does not require any analog circuitry, which reduces the required area and process steps. Simulations show that the LAPD can detect up-to-date probes with capacitances as low as 10 fF.     «

Microprobing is an attack technique against integrated circuits implementing security functions, such as OTP tokens or smartcards. It allows intercepting secrets from onchip wires as well as injecting faults for other attacks. While the attack procedure of etching open the chip package and removing the passivation layer may sound complicated and expensive, Maier and Nohl showed in 2012 that microprobing is feasible for low-budget adversaries. However, existing protection techniques against mi...     »