Radio waves for the detection of hardware tampering

As far as data security is concerned, there is an even greater danger than remote cyberattacks: namely tampering with hardware that can be used to read out information – such as credit card data from a card reader. Researchers in Bochum have developed a new method to detect such manipulations. They monitor the systems with radio waves that react to the slightest changes in the ambient conditions.

Unlike conventional methods, they can thus protect entire systems, not just individual components – and they can do it at a lower cost. The RUB’s science magazine Rubin features a report by the team from Ruhr-Universität Bochum (RUB), the Max Planck Institute for Security and Privacy and the IT company PHYSEC.

Paul Staat and Johannes Tobisch presented their findings at the IEEE Symposium on Security and Privacy, which took place in the USA from 23 to 25 May 2022. Both researchers are doing their PhDs at RUB and conducting research at the Max Planck Institute for Security and Privacy in Bochum in Professor Christof Paar’s team. For their research, they are cooperating with Dr. Christian Zenger from the RUB spin-off company PHYSEC.

Protection through radio waves

The radio signal is as unique as a fingerprint.
Credit: Michael Schwettmann

Data is ultimately nothing more than electrical currents that travel between different computer components via conductive paths. A tiny metallic object, located in the right place on the hardware, can be enough to tap into the information streams. To date, only individual components of systems, such as a crucial memory element or a processor, can be protected from such manipulations. “Typically, this is done with a type of foil with thin wires in which the hardware component is wrapped,” explains Paul Staat. “If the foil is damaged, an alarm is triggered.”

The radio wave technology from Bochum, however, can be used to monitor an entire system. To this end, the researchers install two antennas in the system: a transmitter and a receiver. The transmitter sends out a special radio signal that spreads everywhere in the system and is reflected by the walls and computer components. All these reflections cause a signal to reach the receiver that is as characteristic of the system as a fingerprint.

Technology reacts to the slightest changes

Tiny changes to the system are enough to have a noticeable effect on the fingerprint, as the team demonstrated in experiments. The IT experts equipped a conventional computer with radio antennas and punctured its housing with holes at regular intervals. Through these holes, the researchers let a fine metal needle penetrate the inside of the system and checked whether they notice the change in the radio signal. In the process, they varied the thickness of the needle, the position and the depth of penetration.

With the computer running, they reliably detected the penetration of a needle 0.3 millimetres thick with their system from a penetration depth of one centimetre. The system still detected a needle that was only 0.1 millimetres thick – about as thick as a hair – but not in all positions. “The closer the needle is to the receiving antenna, the easier it is to detect, explains Staat. “Therefore, in practical applications, it makes sense to think carefully about where you place the antennas,” adds Tobisch. “They should be as close as possible to the components that require a high degree of protection.”

Basically, the technology is suitable for both high-security applications and everyday problem. The IT company PHYSEC already uses it to prevent unauthorised manipulation of critical infrastructure components.

Detailed article in science magazine Rubin

You can find a detailed article on this topic in the IT Security special issue of the science magazine Rubin. For editorial purposes, the texts on the website may be used free of charge provided the source “Rubin – Ruhr-Universität Bochum” is named, and images from the download page may be used free of charge provided the copyright is mentioned and the terms of use are complied with.

DOI: 10.1109/SP46214.2022.00067
Article Title: Anti-tamper radio: System-level tamper detection for computing systems

Media Contact

Julia Weiler
Ruhr-University Bochum
julia.weiler@uv.rub.de
Office: +49-234-322-5228

Expert Contacts

Paul Staat
Horst Görtz Institute for IT-Security at Ruhr-Universität Bochum
paul.staat@rub.de

Johannes Tobisch
Horst Görtz Institute for IT-Security at Ruhr-Universität Bochum
johannes.tobisch@rub.de

Media Contact

Julia Weiler
Ruhr-University Bochum

All latest news from the category: Information Technology

Here you can find a summary of innovations in the fields of information and data processing and up-to-date developments on IT equipment and hardware.

This area covers topics such as IT services, IT architectures, IT management and telecommunications.

Back to home

Comments (0)

Write a comment

Newest articles

Pinpointing hydrogen isotopes in titanium hydride nanofilms

Although it is the smallest and lightest atom, hydrogen can have a big impact by infiltrating other materials and affecting their properties, such as superconductivity and metal-insulator-transitions. Now, researchers from…

A new way of entangling light and sound

For a wide variety of emerging quantum technologies, such as secure quantum communications and quantum computing, quantum entanglement is a prerequisite. Scientists at the Max-Planck-Institute for the Science of Light…

Telescope for NASA’s Roman Mission complete, delivered to Goddard

NASA’s Nancy Grace Roman Space Telescope is one giant step closer to unlocking the mysteries of the universe. The mission has now received its final major delivery: the Optical Telescope…