A new Foe in biometrics: A narrative review of side-channel attacks

摘要

When in 1965 the British M15 placed a microphone in the Egyptian embassy to listen to the clicks emitted by the internal rotors in their mechanical encrypting machine, a new foe to IT systems was born: side-channel attacks (SCAs). This attacking methodology takes advantage of physical measurements such as sound, time or power consumption, leaked from security systems, in order to disclose their secrets. Since that distant first successful attempt by James Bond's colleagues, SCAs have become more and more sophisticated, targeting a wide range of security systems. Among them, over the last two decades, different works have analysed the vulnerabilities of biometric systems to these attacks. In spite of this few pioneering studies, compared to other technologies, the analysis of SCAs in biometrics is still in its infancy. The current article is an attempt to draw the attention of the community towards this potential threat by: placing SCAs within the overall context of biometric vulnerabilities, reviewing the state of the art, presenting possible countermeasures against them, and providing a quick look into the future regarding the challenges to be faced by biometrics to effectively confront this new adversary.