SRAM Has No Chill: Exploiting Power Domain Separation to Steal On-Chip Secrets
18 comments
·July 25, 2025Scoundreller
ajb
Chips often have multiple VCC pins exactly because otherwise there is voltage drop across the chip. This is a hard problem. For chips where this is a security issue, I guess one answer may be to do voltage distribution on the interposer, since fewer attackers can deal with a raw die.
Scoundreller
If I understood the article correctly; the different on-chip elements have separate power supplies.
Makes sense: you might want to turn off the CPU but keep the SRAM/cache/etc running for hibernation, and that’s controlled externally for some reason (?)
ajb
You're right, that was the hole here. The reply by Tuna-Fish gives the correct reason for this setup (different voltages). The actual power converter usually needs at least an off-chip capacitor, even if the logic is integrated, because that's too large to be cost-efficient in silicon; so there might be an opening even if as much as possible was integrated - haven't thought that through though.
Tuna-Fish
It's not normally controlled externally, but the power comes from an external source, and as the different parts of the chip want different voltages, they connect to different power sources. If you control everything outside the chip and cut the supply to parts of it, there is little that the chip can do about it, even if it normally controls distribution.
userbinator
This looks like another extremely obscure attack vector which is largely leveraged only to secure devices against their rightful owners.
Physical access to these devices leads to a wide range of security exploits
Physical ownership = real ownership. That's how it's always been and should've stayed that way, if it weren't for the greedy megacorps. Valid exceptions to this level of paranoia are state secrets and other military-adjacent applications.
motorest
> Physical ownership = real ownership. That's how it's always been and should've stayed that way, if it weren't for the greedy megacorps.
Playing devil's advocate, what are your security expectation when someone steals your device? Is it acceptable that they immediately gain control of all services available through your them, such as email address, bank accounts, and investment portfolios?
dataflow
> Playing devil's advocate, what are your security expectation when someone steals your device? Is it acceptable that they immediately gain control of all services available through your them, such as email address, bank accounts, and investment portfolios?
Legally they have no right to anything. Physically, they access whatever they access. That's how it's been forever. I don't get the point of the question.
motorest
> Legally they have no right to anything.
What are you talking about? The scenario involves someone stealing from you. Do you think the legality of it is a dissuasion?
Also, OP's point was that "Physical ownership = real ownership."
> Physically, they access whatever they access. That's how it's been forever. I don't get the point of the question.
The whole point is that that's not the expectation or desire of every single person around you. Not one.
That's the fact you're not understanding. The ability to lock down a device and prevent unauthorized third parties from accessing it is a strong ask by everyone, not only "megacorps". The ability to track down and remotely pull a kill switch are sold as premium features by some manufacturers. Mobile operators have for a long time the ability to block cellphones by IMEI to prevent theft. A very popular product from one of the biggest companies in the world is a small tag that consumers can attack to their property to be able to find them and recover them.
And in spite of all these facts, are we suppose to pretend no one wants control access to their hardware to prevent unauthorized access from third parties?
MattPalmer1086
It's an attack vector that means some of the protection you thought you had if your device is lost or stolen can be bypassed.
You seem to feel there is no benefit to this protection (from non-owners of the device), and instead is protecting the device from the owner. Would you care to expand on that?
Gualdrapo
Oh, that SRAM. I once again forgot about the other SRAM and was imagining Bauke Mollema going through HN, reading this and cursing them one more time.
davidw
Or Andy Schleck https://www.youtube.com/shorts/fRWHIKE-aHM
and I'm in the same boat. Or bike, as it were, what with hours of watching the Tour this month.
cycomanic
Ha, I was trying to parse the headline thinking about the same SRAM.
motorest
I don't know why you are being downvoted. I also clicked on the link expecting another article on exploits being found on cycling gear. Last week I posted one about Shimano. The top comment was a joke about SRAM.
Cool article;
Layman’s article: https://cacm.acm.org/research-highlights/technical-perspecti...
Also seems like ACM republished the author’s paper from 2022? https://dl.acm.org/doi/pdf/10.1145/3503222.3507710
My summary:
DRAM is not a safe place to store your secrets due to cold boots, so it gets stored in SRAM (which includes registers and L1/L2 cache) instead.
Buuuuut, you might be able to dump SRAM across boots with this technique.
If I understand correctly: SRAM/cache/registers all require a lower voltage to maintain their state than the cpu requires to run.
So attach that intermediate voltage on the VCC pin closest to/running the SRAM and pull the plug on everything else. I guess they’re either not cross-connected internally or the choice of voltage stops that from being a problem. Just don’t let your voltage sag lower than required to maintain the SRAM.
Now your cache/registers/SRAM are maintained. Power up with JTAG or a custom/debugging bootrom/mode that hopefully doesn’t overwrite much/any and dump away.
> Our experiments across various devices reveal that hardware SRAM resets during boot are uncommon. Most boot with undefined SRAM states, persisting until overwritten by software.
Oops.