Abstract
Data remanence is the residual physical representation of data that has been erased or overwritten. In non-volatile programmable devices, such as UV EPROM, EEPROM or Flash, bits are stored as charge in the floating gate of a transistor. After each erase operation, some of this charge remains. Security protection in microcontrollers and smartcards with EEPROM/Flash memories is based on the assumption that information from the memory disappears completely after erasing. While microcontroller manufacturers successfully hardened already their designs against a range of attacks, they still have a common problem with data remanence in floating-gate transistors. Even after an erase operation, the transistor does not return fully to its initial state, thereby allowing the attacker to distinguish between previously programmed and not programmed transistors, and thus restore information from erased memory. The research in this direction is summarised here and it is shown how much information can be extracted from some microcontrollers after their memory has been ‘erased’.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
A Guide to Understanding Data Remanence in Automated Information Systems. Version 2. NSA/NCSC Rainbow Series (September 1991)
Gutmann, P.: Secure Deletion of Data from Magnetic and Solid-State Memory. In: 6th USENIX Security Symposium Proceedings, San Jose, California, July 22–25, pp. 77–89 (1996)
Anderson, R.J., Kuhn, M.G.: Tamper Resistance – a Cautionary Note. In: The Second USENIX Workshop on Electronic Commerce, Oakland, California, November 18–21 (1996)
Skorobogatov, S.: Low Temperature Data Remanence in Static RAM. Technical Report UCAM-CL-TR-536. University of Cambridge, Computer Laboratory (June 2002)
Gutmann, P.: Data Remanence in Semiconductor Devices. In: 10th USENIX Security Symposium, Washington, D.C., August 13–17 (2001)
Intel StrataFlash Memory (J3), 28F256J3, 28F128J3, 28F640J3, 28F320J3, ftp://download.intel.com/design/flcomp/datashts/29066719.pdf
Rolandi, P.L., Canegallo, R., Chioffi, E., Gerna, D., Guaitini, G., Issartel, C., Kramer, A., Lhermet, F., Pasotti, M.: 1M-Cell 6b/Cell Analog Flash Memory for Digital Storage. SGS-Thomson Microelectronics. In: IEEE International Solid-State Circuits Conference (ISSCC), Agrate Brianza, Italy (1998)
Brown, W.D., Brewer, J.E.: Nonvolatile Semiconductor Memory Technology: A Comprehensive Guide to Understanding and Using NVSM Devices. IEEE Press, Los Alamitos (1997)
Intel 28F010 and 28F020, 5 Volt Bulk Erase Flash Memory, http://www.sunmark.com/datasheets/28f010.pdf
Pavan, P., Larcher, L., Cuozzo, M., Zuliani, P., Conte, A.: A Complete Model of E2PROM Memory Cells for Circuit Simulations. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems 22(8) (August 2003)
Kume, H., Yamamoto, H., Adachi, T., Hagiwara, T., Komori, K., Nishimoto, T., Koike, A., Meguro, S., Hayashida, T., Tsukada, T.: A Flash-erase EEPROM cell with an asymmetric source and drain structure. IEEE IEDM Technical Digest, 560–563 (1987)
Microchip PIC12C5XX Data Sheet, 8-Pin, 8-Bit CMOS Microcontrollers, http://ww1.microchip.com/downloads/en/DeviceDoc/40139e.pdf
Microchip PIC16F84A Data Sheet, 18-pin Enhanced Flash/EEPROM 8-bit Microcontroller, http://ww1.microchip.com/downloads/en/DeviceDoc/35007b.pdf
Texas Instruments, MSP430x1xx Family, User’s Guide, http://focus.ti.com/lit/ug/slau049e/slau049e.pdf
Skorobogatov, S., Anderson, R.: Optical Fault Induction Attacks. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 2–12. Springer, Heidelberg (2003)
Skorobogatov, S.: Semi-invasive attacks – A new approach to hardware security analysis. Technical Report UCAM-CL-TR-630. University of Cambridge, Computer Laboratory (April 2005)
Atmel ATmega8 Data Sheet, 8-bit, 8K Bytes In-System Programmable Flash Microcontroller, http://www.atmel.com/dyn/resources/prod_documents/doc2486.pdf
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Skorobogatov, S. (2005). Data Remanence in Flash Memory Devices. In: Rao, J.R., Sunar, B. (eds) Cryptographic Hardware and Embedded Systems – CHES 2005. CHES 2005. Lecture Notes in Computer Science, vol 3659. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11545262_25
Download citation
DOI: https://doi.org/10.1007/11545262_25
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-28474-1
Online ISBN: 978-3-540-31940-5
eBook Packages: Computer ScienceComputer Science (R0)