This question was not that important prior to 2016. However, the Cambridge Analytica scandal during the US election has sensitized the common man towards the need for protecting their personal data. According to one survey, the number of data breaches in 2019 has exceeded by 54% , thereby stressing the need to secure our mobile devices.
Security vulnerabilities
The integrity of a mobile phone or an electronic device can be compromised in one of two ways:
i) Via compromised software:
An erroneous or a badly
written piece of code could
compromise the security of
the device. Popular examples
of such vulnerabilities include
Wannacry worm, Stuxnet.
Software vulnerabilities have
also been used by hackers to
hijack systems in exchange for
money.
ii) Via compromised hardware:
Our electronic devices made up
of logic gates. Today’s devices
comprise of around a billion different variants of these logic gates. A vulnerability in one or more of these could compromise the integrity of the whole device. The vulnerability could be due to maliciously injected gates, also known as Trojans, or due to the weaknesses in the implementation, also known as side-channels. To understand a hardware vulnerability, consider the following example, when our desktops or mobile phones have been running continuously, for example, when we watch a movie on our phone, we find that the phone heats up which indicates that our device has been performing complex computations (video processing and audio processing) for a long time. Thus, the temperature of the device
Mr. Patanjali S.L.P.S.K. || 257
gives us some indication about the nature of computation performed on the device. Attackers have exploited this temperature data to extract information from devices. Other examples of side-channels include noise, power, electromagnetic radiation, and timing. While researchers have been focussing on software security for the last 20-30 years, very few people have focussed on side-channel security. In our research, we decided to tackle the problem of estimating side-channel security thereby leading us to our question:
“How do we estimate the side-channel integrity of a digital device?”
Estimating side-channel security
As mentioned earlier, there exist a number of potential side- channels for any digital device. In our research, we focussed on “power side-channels”and the estimation of power-side channel integrity of a digital device. In order to understand the power side-channel of a digital device, consider the following example of a simple
2-input AND gate which is consider to be one of the basic logic gates and forms an integral component of several digital devices. The functionality of an AND gate is given by the
truth table below.
An AND gate produces an output of
logic-1 if and only if both the inputs are high and logic-0 in all the other 3 states. That is,
   In the southern part of India, for example, the Deccan plateau would not cross the age of 65 Myrs, while the Western Ghats are as old as 150 Ma. Even the Aravallis and the Vindhiyas are not older than 1700-1800 Myrs.
  Input 1
  Input 2
  Output
    0
 0
   0
   0
1
  0
 1
 0
 0
 1
  1
  1