Reproducibility Enhancement by Optimized Power Analysis Attacks in Vulnerability Assessment of IoT Transducers

An improvement in the metrological repeatability and reproducibility of the vulnerability assessment for Internet-of-Things transducers is proposed. In particular, the analysis and the reduction of repeatability and reproducibility uncertainty concern electronic power measurement techniques for the robustness assessment of a smart transducer against a specific hardware attack. The power attack metrological optimization also contributes in a more detailed description of the standard procedure for the vulnerability assessment. The attack is conducted by means of a market-leading and professional tool on a transducer protected by Advanced Encryption Standard (AES). The optimum attack configuration increases the number of disclosed AES key bytes at the least cost in terms of time and resources. Optimization is achieved through a well-settled statistical experimental design, and the analysis of variance (ANOVA) highlights the significance of the considered attack parameters: resampling frequency, number of power traces, and weight of a fast bidirectional filter. Four hundred traces resulted sufficient to discover the AES secret key in each of the experimented configurations with a resampling frequency of 500 kSa/s and a weight of the filter of 500. The optimum parameter configuration exhibited a null 1- \sigma repeatability. The 56% 1- \sigma reproducibility due to the variability of the attack parameters became negligible by adopting the optimum configuration.