Chypnosis: Undervolting-based Static Side-channel Attacks

Kyle Mitard, Saleh Khalaj Monfared, Fatemeh Khojasteh Dana, Robert Dumitru, Yuval Yarom, Shahin Tajik

TL;DR

Chypnosis introduces a novel undervolting-based static SCA attack that halts the chip’s internal clocks during a brownout while preserving volatile data, enabling data extraction via static techniques such as LLSI and IA. By rapidly dropping supply voltage, the approach bypasses both soft IP and hard IP clock/voltage sensors and even OpenTitan’s alert handling, as demonstrated on SRAM-based and Flash-based FPGAs and in a real OpenTitan deployment. The authors pair the attack with LLSI and IA to recover register contents and AES key shares in a single trace or a few traces, and they show the practical threat by bypassing threat responses and extracting keys from a protected cryptographic module. To mitigate this, they propose a hardware countermeasure based on complementary registers and asynchronous resets/presets that preserves randomness and balances transitions, and they validate its resilience against Chypnosis across targeted FPGA families. The work emphasizes the real-world impact on root-of-trust components and static SCA defenses, and highlights the need for robust clock-sensor designs that remain reliable under brownout conditions.

Abstract

Static side-channel analysis attacks, which rely on a stopped clock to extract sensitive information, pose a growing threat to embedded systems' security. To protect against such attacks, several proposed defenses aim to detect unexpected variations in the clock signal and clear sensitive states. In this work, we present Chypnosis, an undervolting attack technique that indirectly stops the target circuit clock, while retaining stored data. Crucially, Chypnosis also blocks the state clearing stage of prior defenses, allowing recovery of secret information even in their presence. However, basic undervolting is not sufficient in the presence of voltage sensors designed to handle fault injection via voltage tampering. To overcome such defenses, we observe that rapidly dropping the supply voltage can disable the response mechanism of voltage sensor systems. We implement Chypnosis on various FPGAs, demonstrating the successful bypass of their sensors, both in the form of soft and hard IPs. To highlight the real-world applicability of Chypnosis, we show that the alert handler of the OpenTitan root-of-trust, responsible for providing hardware responses to threats, can be bypassed. Furthermore, we demonstrate that by combining Chypnosis with static side-channel analysis techniques, namely laser logic state imaging (LLSI) and impedance analysis (IA), we can extract sensitive information from a side-channel protected cryptographic module used in OpenTitan, even in the presence of established clock and voltage sensors. Finally, we propose and implement an improvement to an established FPGA-compatible clock detection countermeasure, and we validate its resilience against Chypnosis.

Paper Structure

This paper contains 50 sections, 2 equations, 24 figures, 1 table, 1 algorithm.

Figures (24)

  • Figure 1: High-level overview of Chypnosis Attacks
  • Figure 2: High-level overview of LLSI attack
  • Figure 3: High-level illustration of impedance attack
  • Figure 4: LLSI and IA Setup. Blue parts are used only in IA, red only in LLSI, and the rest are common to both.
  • Figure 5: Heatmap of the clock_count during undervolting with different working clock frequencies. White spots highlight the hibernation voltage.
  • ...and 19 more figures