Power Analysis Over JTAG Ports: Hidden Debug Dangers - Block Side-Channel Analysis Attacks

When I've presented side-channel power analysis attacks, I always use an oscilloscope or ADC that measures analog voltage variations. This is logical because side-channel power analysis attacks exploit the small changes in device power when it executes different instructions or even processes different data. This made it seem like a purely analog attack. Attackers need measurement access, such as a shunt resistor or electromagnetic probe. But what if attackers could use a purely digital interface, one that is already on your board, like the JTAG interface?

Things you always thought were safe might have hidden dangers. In this case, I will show you how a a side-channel power analysis attack occurs through the JTAG interface. But first, the background.

Back in the March 2024 issue of Circuit Cellar (Issue 404, "It's About Time: When Timing Attacks Reveal Power Usage), I recreated the work of a paper presented at CHES 2023 titled "JitSCA: Jitter-based Side-Channel Analysis in Picoscale Resolution", by Kai Schoos, Sergej Meschkov, Mehdi B. Tahoori, and Dennis R. E. Gnad.[1] In this article, I will present an extension of my talk at CHES 2024. If you want to see the full article entitled "Phase Modulation Side Channels: Jittery JTAG for On-Chip Voltage Measurements"[2] use a link to both the original paper and my extension available in article resources.

In my March 2024 column, I recreated the JitSCA paper to demonstrate how small changes in the phase of a clock directly leak a power trace. In the previous column, I used a basic voltage divider; here, I'm using an RF mixer component. While RF mixers are normally used to create a signal based on frequency differences, they will also give an output related to a phase difference of two signals.