When it comes to data security, there is an even greater danger than remote cyberattacks: namely the tampering of hardware that can be used to read information, such as credit card data from a card reader. . Researchers from Bochum have developed a new method to detect such manipulations. They monitor systems with radio waves that react to the slightest changes in ambient conditions. Unlike conventional methods, they can thus protect entire systems, not just individual components, and they can do so at a lower cost. RUB’s science magazine, Rubin, features a report by the team from Ruhr-Universität Bochum (RUB), the Max Planck Institute for Security and Privacy and IT company PHYSEC.
Paul Staat and Johannes Tobisch presented their findings at the IEEE Symposium on Security and Privacy, held in the United States from May 23-25, 2022. Both researchers are doing their PhDs at RUB and conducting research at Max Planck Institute for Security and Privacy. in Bochum in the team of Professor Christof Paar. For their research, they cooperate with Dr. Christian Zenger of the RUB PHYSEC spin-off.
Radio wave protection
Data is ultimately nothing more than electrical currents that travel between different computer components via conductive paths. A tiny metal object, located in the right place on the hardware, can be enough to tap into the information flows. To date, only individual system components, such as a crucial memory element or a processor, can be protected against such manipulation. “Generally, this is done with a type of foil with fine threads in which the material component is wrapped,” explains Paul Staat. “If the foil is damaged, an alarm is triggered.”
Bochum’s radio wave technology, however, can be used to monitor an entire system. For this, the researchers install two antennas in the system: a transmitter and a receiver. The transmitter sends out a special radio signal that travels throughout the system and is reflected off walls and computer components. All these reflections send the receiver a signal as characteristic of the system as a fingerprint.
Technology reacts to the smallest changes
Tiny changes to the system are enough to have a noticeable effect on the fingerprint, as the team demonstrated in experiments. Computer scientists have fitted a conventional computer with radio antennas and drilled holes in its casing at regular intervals. Through these holes, the researchers let a thin metal needle penetrate inside the system and checked if they noticed the change in the radio signal. In the process, they varied the thickness of the needle, the position and the depth of penetration.
With the computer running, they reliably detected the penetration of a needle 0.3 millimeters thick with their system from a penetration depth of one centimeter. The system always detected a needle only 0.1 millimeters thick – about as thick as a hair – but not in all positions. “The closer the needle is to the receiving antenna, the easier it is to detect,” explains Staat. “Therefore, in practical applications, it makes sense to think carefully about where you place the antennas,” adds Tobisch. “They should be as close as possible to components that require a high degree of protection.”
Basically, the technology is suitable for both high security applications and everyday issues. IT company PHYSEC already uses it to prevent unauthorized manipulation of critical infrastructure components.