1. Field
The present invention relates generally to deterring a timing-based glitch attack during a secure boot process.
2. Background
A glitch attack is a widely used attack against highly secure platforms. A glitch may be achieved by a very precise, malicious modification of power or timing inputs to a platform's processor or external memory. Typically, the modification is a tiny pulse sent to the processor or memory by a “mod chip.” The intent is to change the execution path of the code, typically skipping over or subverting a critical check or validation step.
Generally, an attacker's objectives are: 1) to create an attack that is easily repeatable on a given device; 2) to create an attack that propagates and can be commoditized and commercialized (enabling the creation of cheap, easy-to-install mod chips); and 3) to break the chain of trust as early as possible (rooting or owning the device).
Once a glitch attack has been perfected against one device, it may be used against every device having the same configuration. Glitch attacks are almost always directed against secure boot, the code or logic that establishes the root of trust on the device very early in the boot process. The attraction of attacking secure boot is that once it is compromised, all of the security on the device typically collapses.
There is therefore a need for a technique for deterring a glitch attack during a secure boot process.