Side-channel attacks exploit variations in non-functional behaviors to expose sensitive information across security boundaries. Existing methods leverage side channels based on power consumption, electromagnetic radiation, silicon substrate coupling, and channels created by malicious implants. Power-based side-channel attacks are widely known for extracting information from data processed within a device, but they assume that an attacker has physical access to the device or the ability to modify it. In this paper, we introduce a novel side-channel vulnerability that leaks data-dependent power variations through physical-layer supply voltage coupling (PSVC). Unlike traditional power side-channel attacks, the proposed vulnerability allows an adversary to mount an attack and extract information without modifying the device. We assess the effectiveness of the PSVC vulnerability through three case studies, demonstrating several end-to-end attacks on general-purpose microcontrollers under varying adversary capabilities. These case studies provide evidence for the existence of the PSVC vulnerability, its applicability to on-chip as well as on-board side-channel attacks, and how it can eliminate the need for physical access to the target device, making it applicable to any off-the-shelf hardware. Our experiments also reveal that designing devices to operate at the lowest operational voltage significantly reduces the risk of the PSVC side-channel vulnerability.