Side-Channel Attacks Against the Human Brain: The PIN Code Case Study
نویسندگان
چکیده
We revisit the side-channel attacks with Brain-Computer Interfaces (BCIs) first put forward by Martinovic et al. at the USENIX 2012 Security Symposium. For this purpose, we propose a comprehensive investigation of concrete adversaries trying to extract a PIN code from electroencephalogram signals. Overall, our results confirm the possibility of partial PIN recovery with high probability of success in a more quantified manner (i.e., entropy reductions), and put forward the challenges of full PIN recovery. They also highlight that the attack complexities can significantly vary in function of the adversarial capabilities (e.g., supervised / profiled vs. unsupervised / non-profiled), hence leading to an interesting tradeoff between their efficiency and practical relevance. We then show that similar attack techniques can be used to threat the privacy of BCI users. We finally use our experiments to discuss the impact of such attacks for the security and privacy of BCI applications at large, and the important emerging societal challenges they raise.
منابع مشابه
Side channel parameter characteristics of code injection attacks
Embedded systems are suggestive targets for code injection attacks in the recent years. Software protection mechanisms, and in general computers, are not usually applicable in embedded systems since they have limited resources like memory and process power. In this paper we investigate side channel characteristics of embedded systems and their applicability in code injection attack detection. T...
متن کاملA new CPA resistant software implementation for symmetric ciphers with smoothed power consumption: SIMON case study
In this paper we propose a new method for applying hiding countermeasure against CPA attacks. This method is for software implementation, based on smoothing power consumption of the device. This method is evaluated on the SIMON scheme as a case study; however, it is not relying on any specific SIMON features. Our new method includes only AND equivalent and XOR equivalent operations since every ...
متن کاملA Review of Internet of Things Architecture, Technologies and Analysis Smartphone-based Attacks Against 3D printers
Human beings cannot be happy with any kind of tiredness based work, so they focused on machines to work on behalf of humans. The Internet-based latest technology provides the platforms for human beings to relax and unburden feeling. The Internet of Things (IoT) field efficiently helps human beings with smart decisions through Machine-to-Machine (M2M) communication all over the world. It has bee...
متن کاملOrthogonal Direct Sum Masking - A Smartcard Friendly Computation Paradigm in a Code, with Builtin Protection against Side-Channel and Fault Attacks
Secure elements, such as smartcards or trusted platform modules (TPMs), must be protected against implementation-level attacks. Those include side-channel and fault injection attacks. We introduce ODSM, Orthogonal Direct Sum Masking, a new computation paradigm that achieves protection against those two kinds of attacks. A large vector space is structured as two supplementary orthogonal subspace...
متن کاملSCA1 Model: Towards a concrete security approach to the design of cryptosystems secure against side-channel attacks
When implementing cryptosystems on general purpose cryptographic hardware, one takes profit of the Application Programming Interfaces (APIs) displaced by the hardware to code the required cryptosystems. The functions made available by these APIs are divided into two groups, the group of the non-cryptographic functions and the group of the cryptographic primitives. When using these functions, on...
متن کامل