Sergei Skorobogatov's Home Page

[What's New] [Recent Updates] [Research Proposal] [Scientific Interests] [My Skills] [Research and Plans] [Old Projects] [Contact Details] [Publications]

Hello!

My name is Sergei Skorobogatov (Сергей Скоробогатов). I was born and grew up in Moscow, Russia. I received a graduate degree (M.Sc.) in Automatics and Electronics (Engineering Diploma) from the Moscow Engineering Physics Institute (MEPhI, МИФИ) in March 1997. Then I worked (part time) as an Engineer at MEPhI and as a contractor for the Ophthalmic Centre "Prozrenie" in Moscow, where I designed several electronic devices for eyesight diagnostics and correction.
I won a Computer Laboratory Research Assistantship at Cambridge and since April 2000 I have been working on a Ph.D. project in the Security Group at the Computer Laboratory of the University of Cambridge in the UK. As part of this research I participated in the EU-funded G3Card project aimed at designing a new generation of smartcard chips. This project finished in January 2003 and since then I have had an independent research grant. I submitted my Ph.D. thesis in September 2004, defended my dissertation in November 2004 and graduated in February 2005. In September 2004 I was promoted to the Research Associate position for my postdoctoral research here and in July 2006 I was promoted to the Senior Research Associate position. My research grant has been extended several times and currently runs until the end of 2010, therefore I am always looking for interesting and beneficial projects which could provide funding for my ongoing and future research.


I work in the Hardware Security Group on tamper-resistant processors. Here is the list of some of my current ongoing projects:


Here are some of my project ideas for undergraduate students. Old project ideas are placed here.


What's New

I have been criticised a lot about the fact that most of the chips I analyse and publish successful attacks on are built with 0.7-micron or even 0.9-micron technology. This has now changed: the chips I use in my new research investigations are built with at least 0.5-micron technology (still popular in some secure chips), some tests have been applied down to 90nm chips, and some interesting results on 0.13-micron chips have recently been published.

I gave a guest lecture "Tamper resistance and hardware security" in the Part II Security course for undergraduate students 2009-10 on 20 November 2009. The slides have been revised and include new material compared to last year's lecture.

I gave a talk at the Security Group seminar on 13 October 2009 (slides: Optical surveillance on silicon chips: your crypto keys are visible). I presented my research into a new class of side-channel attacks: optical side-channel attacks on secure semiconductor chips. By using an inexpensive CCD camera to monitor the emission from an operating chip, information stored in SRAM, EEPROM and Flash was successfully recovered. In extreme cases, an AES key stored inside a secure FPGA chip and used for secure code updates could be extracted, thus seriously compromising the hardware security. Protection against these new side-channel attacks should become a new challenge for chip manufacturers.

Using Optical Emission Analysis for Estimating Contribution to Power Analysis (slides). I presented a new inexpensive semi-invasive side-channel attack method which marks a new direction in the hardware security arms race between developers and attackers. Appeared at the 6th Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC 2009).

Local Heating Attacks on Flash Memory Devices (slides). I presented a new semi-invasive attack technique aimed at modifying Flash and EEPROM memory as well as extracting data directly from the memory cell. Appeared at the 2nd IEEE International Workshop on Hardware-Oriented Security and Trust (HOST-2009).

I gave a talk at the Security Group seminar on 20 January 2009 (slides: Hardware security: trends and pitfalls of the past decade). I talked about progress in the hardware security area during the past decade. Instead of looking at various attack technologies, as I did in my previous lectures, I paid more attention to the underlying problems of security failures caused by silicon hardware. I summarised achievements in attack and defence technologies and discussed some hardware security related issues of security economics and security psychology. After giving some examples of low-cost attacks on moderately secure silicon chips, I finally tried to project the trend of the hardware security area into the near future, which is likely to bring news of more devices previously thought unbreakable actually being easy to attack.

I gave a guest lecture "Tamper resistance and hardware security" in the Part II Security course for undergraduate students 2008-09 on 24 November 2008.

I was contacted many times in the past with questions about consulting projects I can perform here in the lab. This was mainly caused by rapidly growing concerns about the hardware security of semiconductor products (mostly microcontrollers, CPLDs and FPGAs) and growing intellectual property theft in Asian countries where most outsourcing is taking place. Some projects were aimed at finding security flaws in existing devices in order to improve their security or to select the most secure parts from a list. Other projects were dedicated to teaching and educating personnel, while others were about developing certain attack techniques. More information on the types of research projects I carry out can be found here.

I prepared a short live hardware security demonstration course for students. The demonstrations involved a show of decapsulated samples, optical microscopy and rear-side infrared microscopy of various microcontrollers including deprocessed chips, the history of optical fault injection and a live attack on microcontroller security, and a power analysis attack on security in a custom design. A short version of the demonstrations was also given as part of the Show and Tell local event here in the Computer Lab on 29 September 2008.

I gave a talk as invited speaker at the IPAM Workshop on Special purpose hardware for cryptography: Attacks and Applications, December 4 - 8, 2006, Los Angeles (Abstract and Slides).

I gave a talk at the Security Group seminar on 31 October 2006 (slides: Optically Enhanced Position-Locked Power Analysis).

Optically Enhanced Position-Locked Power Analysis (slides). New fascinating results of applying semi-invasive attacks to on-chip SRAM arrays for recovering information about their internal functionality without interfering with the chip operation. Appeared at the Cryptographic Hardware and Embedded Systems Workshop (CHES-2006).

I gave a four-hour talk as invited lecturer at the ECRYPT Summer School on Cryptography in Louvain-la-Neuve (Belgium), 12-15 June 2006. I gave an introduction to hardware security and presented my achievements in hardware security analysis over the last six years. The abstract of the talk and references are available here. Slides for Part 1, Part 2, Part 3 and Part 4 of my talk are now available.

My Ph.D. thesis, which discusses the area of my research and achievements up until the end of 2003, has been out since April 2005 and exists in the form of a hardbound copy and an on-line Technical Report version. No part of my thesis or the corresponding Technical Report may be used to produce any other reports or publications. It can be viewed on a computer or printed out for reference and consultation purposes only. You must contact me and obtain my permission in writing if you want to reproduce or use any images or diagrams from my thesis. I do not provide or authorise any translation of my thesis into other languages.

Recently updated material


My research proposal for the ongoing 2009-2010 academic year (public abstract only; the detailed proposal and other parts are confidential)

  • Investigation of hardware security related problems in Flash and EEPROM memory structures. Evaluation against: fault injection, data remanence, external influence, side-channel leakage, memory extraction and new attacks.
    Status: ongoing research project. Publications to come in 2010-2011

  • Investigation of hardware security related problems in encryption engines implemented in semiconductor devices. Evaluation against: side-channel attacks, fault injection, side-channel leakage, micro-side attack and new attacks.
    Status: ongoing research project. Publications to come in 2010-2011

  • Optically controlled microcontroller chip. Despite the fact that I discovered the optical fault injection attacks in 2001 and introduced them to the public in 2002, very little has still been done in the direction of performing such attacks in a controllable and reliable way. This project aims to redress this imbalance with a good demonstration of how such attacks can be used to run arbitrary code on a standard 8-bit microcontroller with a fully disabled or damaged memory programming interface.
    Status: ongoing development project. Publications to come in 2010-2011

  • Data remanence in EEPROM and Flash memory devices under special conditions. Additional directions for my previous research on data remanence in semiconductor memory devices.
    Status: several ongoing research projects. Publications to come in 2010-2011

  • EEPROM and Flash memory modification attacks. This research project is aimed at developing new techniques to alter EEPROM and Flash memory contents using semi-invasive methods.
    Status: ongoing research project. Publications to come in 2010-2011

  • Advanced optical probing attacks. Research into practical methods of reading SRAM, EEPROM and Flash memory contents using a semi-invasive approach.
    Status: several ongoing research projects. Publications to come in 2010-2011

  • Advanced EMA attacks. Research into combining EMA attacks with semi-invasive methods.
    Status: several ongoing research projects. Publications to come in 2010-2011

  • High-resolution power analysis. Research into improving the effectiveness of power analysis attacks by using special data acquisition, measurement and post-processing techniques.
    Status: several ongoing research projects. Publications to come in 2010-2011

  • Microcontroller/smartcard CPU probing attacks. Research into practical methods of reading on-chip memory contents by exploiting CPU instruction set weaknesses.
    Status: ongoing research project. Publications to come in 2010-2011

  • Practical use of fault-injection attacks. We introduced these attacks in 2002. Unfortunately they have still not been properly investigated. Research is needed to estimate the requirements for these attacks for each chip manufacturing technology and the possible success rate. We are currently setting up the equipment necessary for this research. Some of the results are very likely to be published in 2010 once the new special equipment has arrived.
    Status: several ongoing research projects. Publications to come in 2010-2011

  • Using nanotechnologies for hardware security analysis. Current trends in the miniaturisation of electronic devices demand the ability to understand structure and properties at the deep submicron level (the latest technology is 45nm and 30nm is already proposed). Recent achievements in scanning probe microscopy allow us to observe many characteristics of a semiconductor chip surface such as landscape (with atomic force microscopy), doping concentration (with scanning capacitance microscopy), resistance (with scanning spreading resistance microscopy), magnetic field (with magnetic force microscopy), temperature (with scanning thermal microscopy), and many others. We need research to estimate how much information could be extracted from silicon chips by using such technologies. This research might involve designing and building some special microscopes. As such research requires large investments in equipment, it is difficult to predict when it will be started.
    Status: estimating the initial requirements, looking for funding


My scientific interests include:


Some of my special skills and fields of knowledge include:


Some of my research and plans

My first security-related research project was an analysis of the copy protection mechanisms in modern microcontrollers. I still work in this area and I occasionally provide penetration testing and consulting services for old and new microcontroller designs. My work aims at understanding the detailed mechanism of how protection can be broken and how the security of new designs can be improved.

My ongoing research is more about a general evaluation of different memory structures against all kinds of attacks, rather than testing any particular samples. As I expected a long time ago (I announced it in 1999), Flash and EEPROM memories are not very good candidates for hardware security on their own, unless special attention is paid to data flow control and interface protocols. This was also suggested in my popular article on copy protection in microcontrollers, first published in 2000. Much more information about various problems in EPROM, EEPROM and Flash memories is in my Ph.D. thesis, which is publicly available. My further research will involve detailed investigation of different Flash/EEPROM memory cells as well as antifuse cells, which are believed to be highly secure; my personal opinion is that this has not been properly proved and tested. The next step would be learning about and testing FRAM and MRAM memory structures, as they are considered to be a highly secure replacement for Flash and EEPROM memories.


Some of my old projects


How you can contact me

Dr Sergei P. Skorobogatov
University of Cambridge
Computer Laboratory
William Gates Building
15 JJ Thomson Avenue
Cambridge CB3 0FD
United Kingdom
Phone:  +44 (0)1223 763563
        +44 (0)1223 763744
Fax:    +44 (0)1223 334678
Email:  Sergei.Skorobogatov (at) cl.cam.ac.uk
        sps32 (at) cl.cam.ac.uk
        sps32 (at) cam.ac.uk
        Sergei.Skorobogatov (at) hushmail.com

Secure email: For confidential messages use HushMail and send email to my HushMail address Sergei.Skorobogatov (at) hushmail.com. Alternatively, use my PGP key.

I always reply to personal emails. However, sometimes mail may be lost due to server problems or spam filters. Therefore please resend your message if I have not replied within one week. In the case of important messages I would prefer you to forward a copy of your letter to my HushMail address. Please avoid using HTML format in your emails (such messages are very likely to be filtered out) and ask my permission if you want to attach any files to your emails.


Publications

Please do not copy any of my publications onto your own Internet server for public access without explicit permission. If you want to refer to any of my texts, please use a hyperlink to my original and not a copy. I update these texts frequently and I want to prevent the confusion that arises if people read obsolete versions elsewhere that are not under my control.

Press releases

Posters

English texts

Russian texts



Sergei Skorobogatov <Sergei.Skorobogatov (at) cl.cam.ac.uk>
created 12-05-2000 -- last modified 20-11-2009 -- http://www.cl.cam.ac.uk/~sps32/