Electromagnetic attack

Last updated

In cryptography, electromagnetic attacks are side-channel attacks performed by measuring the electromagnetic radiation emitted from a device and performing signal analysis on it. These attacks are a more specific type of what is sometimes referred to as Van Eck phreaking, with the intention to capture encryption keys. Electromagnetic attacks are typically non-invasive and passive, meaning that these attacks are able to be performed by observing the normal functioning of the target device without causing physical damage. [1] However, an attacker may get a better signal with less noise by depackaging the chip and collecting the signal closer to the source. These attacks are successful against cryptographic implementations that perform different operations based on the data currently being processed, such as the square-and-multiply implementation of RSA. Different operations emit different amounts of radiation and an electromagnetic trace of encryption may show the exact operations being performed, allowing an attacker to retrieve full or partial private keys.

Contents

Like many other side-channel attacks, electromagnetic attacks are dependent on the specific implementation of the cryptographic protocol and not on the algorithm itself. Electromagnetic attacks are often done in conjunction with other side-channel attacks, like power analysis attacks.

Background

All electronic devices emit electromagnetic radiation. Because every wire that carries current creates a magnetic field, electronic devices create some small magnetic fields when in use. These magnetic fields can unintentionally reveal information about the operation of a device if not properly designed. Because all electronic devices are affected by this phenomenon, the term ‘device’ can refer to anything from a desktop computer, to mobile phone, to a smart card.

Electromagnetic radiation

Electromagnetic waves are a type of wave that originate from charged particles, are characterized by varying wavelength and are categorized along the electromagnetic spectrum. Any device that uses electricity will emit electromagnetic radiation due to the magnetic field created by charged particles moving along a medium. For example, radio waves are emitted by electricity moving along a radio transmitter, or even from a satellite.

In the case of electromagnetic side-channel attacks, attackers are often looking at electromagnetic radiation emitted by computing devices, which are made up of circuits. Electronic circuits consist of semiconducting materials upon which billions of transistors are placed. When a computer performs computations, such as encryption, electricity running through the transistors create a magnetic field and electromagnetic waves are emitted. [2] [3] [4]

Electromagnetic waves can be captured using an induction coil and an analog to digital converter can then sample the waves at a given clock rate and convert the trace to a digital signal to be further processed by computer.

An induction coil Induction Coil.jpg
An induction coil

The electronic device performing the computations is synced with a clock that is running at frequencies on the order of mega-hertz (MHz) to giga-hertz (GHz). However, due to hardware pipelining, and complexity of some instructions, some operations take multiple clock cycles to complete. [5] Therefore, it is not always necessary to sample the signal at such a high clock rate. It is often possible to get information on all or most of the operations while sampling on the order of kilo-hertz (kHz). Different devices leak information at different frequencies. For example, Intel's Atom processor will leak keys during RSA and AES encryption at frequencies between 50 MHz and 85 MHz. [6] Android version 4.4's Bouncy Castle library implementation of ECDSA is vulnerable to key extraction side channel attacks around the 50 kHz range. [7]

Signal processing

A spectrogram showing RSA encryption and decryption. The two functions are shown as the thick purple lines in the graph, as they are concentrated at a small frequency range with very high amplitude compared to the surrounding noise. Encryption spectrogram.png
A spectrogram showing RSA encryption and decryption. The two functions are shown as the thick purple lines in the graph, as they are concentrated at a small frequency range with very high amplitude compared to the surrounding noise.

Every operation performed by a computer emits electromagnetic radiation and different operations emit radiation at different frequencies. In electromagnetic side-channel attacks, an attacker is only interested in a few frequencies at which encryption is occurring. Signal processing is responsible for isolating these frequencies from the vast multitude of extraneous radiation and noise. To isolate certain frequencies, a bandpass filter, which blocks frequencies outside of a given range, must be applied to the electromagnetic trace. Sometimes, the attacker does not know which frequencies encryption is performed at. In this case, the trace can be represented as a spectrogram, which can help determine which frequencies are most prevalent at different points of execution. Depending on the device being attacked and the level of noise, several filters may need to be applied.

Attack methods

Electromagnetic attacks can be broadly separated into simple electromagnetic analysis (SEMA) attacks and differential electromagnetic analysis (DEMA) attacks.

Simple electromagnetic analysis

In simple electromagnetic analysis (SEMA) attacks, the attacker deduces the key directly by observing the trace. It is very effective against asymmetric cryptography implementations. [8] Typically, only a few traces are needed, though the attacker needs to have a strong understanding of the cryptographic device and of the implementation of the cryptographic algorithm. An implementation vulnerable to SEMA attacks will perform a different operation depending on whether the bit of the key is 0 or 1, which will use different amounts of power and/or different chip components. This method is prevalent in many different types of side-channel attacks, in particular, power analysis attacks. Thus, the attacker can observe the entire computation of encryption and can deduce the key.

For example, a common attack on asymmetric RSA relies on the fact that the encryption steps rely on the value of the key bits. Every bit is processed with a square operation and then a multiplication operation if and only if the bit is equal to 1. An attacker with a clear trace can deduce the key simply by observing where the multiplication operations are performed.

Differential electromagnetic analysis

In some cases, simple electromagnetic analysis is not possible or does not provide enough information. Differential electromagnetic analysis (DEMA) attacks are more complex, but are effective against symmetric cryptography implementation, against which SEMA attacks are not. [6] Additionally unlike SEMA, DEMA attacks do not require much knowledge about the device being attacked.

Known attacks

While the fact that circuits that emit high-frequency signals may leak secret information was known since 1982 by the NSA, it was classified until 2000, [9] which was right around the time that the first electromagnetic attack against encryption was shown by researchers. [10] Since then, many more complex attacks have been introduced.[ which? ][ citation needed ]

Devices

Smart cards

Smart card pinout SmartCardPinout.svg
Smart card pinout

Smart cards, often colloquially referred to as “chip cards", were designed to provide a more secure financial transaction than a traditional credit card. They contain simple embedded integrated circuits designed to perform cryptographic functions. [11] They connect directly to a card reader which provides the power necessary to perform an encrypted financial transaction. Many side-channel attacks have been shown to be effective against smart cards because they obtain their power supply and clock directly from the card reader. By tampering with a card reader, it is simple to collect traces and perform side-channel attacks. Other works, however, have also shown that smart cards are vulnerable to electromagnetic attacks. [12] [13] [14]

FPGAs

A field-programmable gate arrays (FPGA) have been commonly used to implement cryptographic primitives in hardware to increase speed. These hardware implementations are just as vulnerable as other software based primitives. In 2005, an implementation of elliptic curve encryption was shown vulnerable to both SEMA and DEMA attacks. [15] The ARIA block cipher is a common primitive implemented with FPGAs that has been shown to leak keys. [16]

Personal computers

In contrast to smart cards, which are simple devices performing a single function, personal computers are doing many things at once. Thus, it is much more difficult to perform electromagnetic side-channel attacks against them, due to high levels of noise and fast clock rates. Despite these issues, researchers in 2015 and 2016 showed attacks against a laptop using a near-field magnetic probe. The resulting signal, observed for only a few seconds, was filtered, amplified, and digitized for offline key extraction. Most attacks require expensive, lab-grade equipment, and require the attacker to be extremely close to the victim computer. [17] [18] However, some researchers were able to show attacks using cheaper hardware and from distances of up to half a meter. [19] These attacks, however, required the collection of more traces than the more expensive attacks.

Smartphones

Smartphones are of particular interest for electromagnetic side-channel attacks. Since the advent of mobile phone payment systems such as Apple Pay, e-commerce systems have become increasingly commonplace. Likewise, the amount of research dedicated to mobile phone security side channel attacks has also increased. [20] Currently most attacks are proofs of concept that use expensive lab-grade signal processing equipment. [21] One of these attacks demonstrated that a commercial radio receiver could detect mobile phone leakage up to three meters away. [22]

However, attacks using low-end consumer grade equipment have also shown successful. By using an external USB sound card and an induction coil salvaged from a wireless charging pad, researchers were able to extract a user's signing key in Android's OpenSSL and Apple's CommonCrypto implementations of ECDSA. [20] [21] [22]

Examples of vulnerable encryption schemes

Widely used theoretical encryption schemes are mathematically secure, yet this type of security does not consider their physical implementations, and thus, do not necessarily protect against side-channel attacks. Therefore, the vulnerability lies in the code itself, and it is the specific implementation that is shown to be insecure. Luckily, many of the vulnerabilities shown have since been patched. Vulnerable implementations include, but are definitely not limited to, the following:

Feasibility

The attacks described thus far have mainly focused on the use of induction to detect unintended radiation. However, the use of far-field communication technologies like that of AM radios can also be used for side-channel attacks, although no key extraction methods for far-field signal analysis have been demonstrated. [23] Therefore, a rough characterization of potential adversaries using this attack range from highly educated individuals to low to medium funded cartels. The following demonstrates a few possible scenarios:

Mobile payment systems

Point of sale systems that accept payment from mobile phones or smart cards are vulnerable. Induction coils can be hidden on these systems to record financial transactions from smart cards or mobile phone payments. With keys extracted, a malicious attacker could forge his own card or make fraudulent charges with the private key. Belgarric et al. propose a scenario where mobile payments are performed with bitcoin transactions. Since the Android implementation of the bitcoin client uses ECDSA, the signing key can be extracted at the point of sale. [7] These types of attacks are only slightly more complex than magnetic card stripe skimmers currently used on traditional magnetic strip cards.

Wireless charging pads

Many public venues such as Starbucks locations are already offering free public wireless charging pads. [24] It was previously shown that the same coils used in wireless charging can be used for detection of unintended radiation. Therefore, these charging pads pose a potential hazard. Malicious charging pads might attempt to extract keys in addition to charging a user’s phone. When coupled with packet sniffing capabilities of public Wi-Fi networks, the keys extracted could be used to perform man-in-the-middle attacks on users. If far-field attacks are discovered, an attacker only needs to point his antenna at a victim to perform these attacks; the victim need not be actively charging their phone on one of these public pads.[ citation needed ]

Countermeasures

Several countermeasures against electromagnetic attacks have been proposed, though there is no one perfect solution. Many of the following countermeasures will make electromagnetic attacks harder, not impossible.

Physical countermeasures

One of the most effective ways to prevent electromagnetic attacks is to make it difficult for an attacker to collect an electromagnetic signal at the physical level. Broadly, the hardware designer could design the encryption hardware to reduce signal strength [25] or to protect the chip. Circuit and wire shielding, such as a Faraday cage, are effective in reducing the signal, as well as filtering the signal or introducing extraneous noise to mask the signal. Additionally, most electromagnetic attacks require attacking equipment to be very close to the target, so distance is an effective countermeasure. Circuit designers can also use certain glues or design components in order to make it difficult or impossible to depackage the chip without destroying it.

Recently, white-box modeling was utilized to develop a low-overhead generic circuit-level countermeasure [26] against both electromagnetic as well as power side-channel attacks. To minimize the effects of the higher-level metal layers in an IC acting as more efficient antennas, [27] the idea is to embed the crypto core with a signature suppression circuit, [28] [29] routed locally within the lower-level metal layers, leading towards both power and electromagnetic side-channel attack immunity.

Implementation countermeasures

As many electromagnetic attacks, especially SEMA attacks, rely on asymmetric implementations of cryptographic algorithms, an effective countermeasure is to ensure that a given operation performed at a given step of the algorithm gives no information on the value of that bit. Randomization of the order of bit encryption, process interrupts, and clock cycle randomization, are all effective ways to make attacks more difficult. [1]

Usage in the government

The classified National Security Agency program TEMPEST focuses on both the spying on systems by observing electromagnetic radiation and the securing of equipment to protect against such attacks.

The Federal Communications Commission outlines the rules regulating the unintended emissions of electronic devices in Part 15 of the Code of Federal Regulations Title 47. The FCC does not provide a certification that devices do not produce excess emissions, but instead relies on a self-verification procedure. [30]

Related Research Articles

Elliptic-curve cryptography (ECC) is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. ECC allows smaller keys compared to non-EC cryptography to provide equivalent security.

<span class="mw-page-title-main">Encryption</span> Process of converting plaintext to ciphertext

In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Ideally, only authorized parties can decipher a ciphertext back to plaintext and access the original information. Encryption does not itself prevent interference but denies the intelligible content to a would-be interceptor.

<span class="mw-page-title-main">Public-key cryptography</span> Cryptographic system with public and private keys

Public-key cryptography, or asymmetric cryptography, is the field of cryptographic systems that use pairs of related keys. Each key pair consists of a public key and a corresponding private key. Key pairs are generated with cryptographic algorithms based on mathematical problems termed one-way functions. Security of public-key cryptography depends on keeping the private key secret; the public key can be openly distributed without compromising security.

RSA (Rivest–Shamir–Adleman) is a public-key cryptosystem, one of the oldest, that is widely used for secure data transmission. The acronym "RSA" comes from the surnames of Ron Rivest, Adi Shamir and Leonard Adleman, who publicly described the algorithm in 1977. An equivalent system was developed secretly in 1973 at Government Communications Headquarters (GCHQ) by the English mathematician Clifford Cocks. That system was declassified in 1997.

<span class="mw-page-title-main">Tempest (codename)</span> Espionage using electromagnetic leakage

TEMPEST is a U.S. National Security Agency specification and a NATO certification referring to spying on information systems through leaking emanations, including unintentional radio or electrical signals, sounds, and vibrations. TEMPEST covers both methods to spy upon others and how to shield equipment against such spying. The protection efforts are also known as emission security (EMSEC), which is a subset of communications security (COMSEC).

In cryptography, a timing attack is a side-channel attack in which the attacker attempts to compromise a cryptosystem by analyzing the time taken to execute cryptographic algorithms. Every logical operation in a computer takes time to execute, and the time can differ based on the input; with precise measurements of the time for each operation, an attacker can work backwards to the input. Finding secrets through timing information may be significantly easier than using cryptanalysis of known plaintext, ciphertext pairs. Sometimes timing information is combined with cryptanalysis to increase the rate of information leakage.

In computer security, a side-channel attack is any attack based on extra information that can be gathered because of the fundamental way a computer protocol or algorithm is implemented, rather than flaws in the design of the protocol or algorithm itself or minor, but potentially devastating, mistakes or oversights in the implementation. Timing information, power consumption, electromagnetic leaks, and sound are examples of extra information which could be exploited to facilitate side-channel attacks.

<span class="mw-page-title-main">Power analysis</span> Form of side channel attack

Power analysis is a form of side channel attack in which the attacker studies the power consumption of a cryptographic hardware device. These attacks rely on basic physical properties of the device: semiconductor devices are governed by the laws of physics, which dictate that changes in voltages within the device require very small movements of electric charges (currents). By measuring those currents, it is possible to learn a small amount of information about the data being manipulated.

Information leakage happens whenever a system that is designed to be closed to an eavesdropper reveals some information to unauthorized parties nonetheless. In other words: Information leakage occurs when secret information correlates with, or can be correlated with, observable information. For example, when designing an encrypted instant messaging network, a network engineer without the capacity to crack encryption codes could see when messages are transmitted, even if he could not read them.

The security of cryptographic systems depends on some secret data that is known to authorized persons but unknown and unpredictable to others. To achieve this unpredictability, some randomization is typically employed. Modern cryptographic protocols often require frequent generation of random quantities. Cryptographic attacks that subvert or exploit weaknesses in this process are known as random number generator attacks.

Acoustic cryptanalysis is a type of side channel attack that exploits sounds emitted by computers or other devices.

NSA Suite B Cryptography was a set of cryptographic algorithms promulgated by the National Security Agency as part of its Cryptographic Modernization Program. It was to serve as an interoperable cryptographic base for both unclassified information and most classified information.

The Texas Instruments digital signature transponder (DST) is a cryptographically enabled radio-frequency identification (RFID) device used in a variety of wireless authentication applications. The largest deployments of the DST include the Exxon-Mobil Speedpass payment system, as well as a variety of vehicle immobilizer systems used in many late model Ford, Lincoln, Mercury, Toyota, Nissan, Kia, Hyundai and Tesla vehicles.

<span class="mw-page-title-main">Hardware security module</span> Physical computing device

A hardware security module (HSM) is a physical computing device that safeguards and manages secrets, performs encryption and decryption functions for digital signatures, strong authentication and other cryptographic functions. These modules traditionally come in the form of a plug-in card or an external device that attaches directly to a computer or network server. A hardware security module contains one or more secure cryptoprocessor chips.

<span class="mw-page-title-main">Contactless smart card</span> Allowing for contactless payments in credit and debit cards

A contactless smart card is a contactless credential whose dimensions are credit card size. Its embedded integrated circuits can store data and communicate with a terminal via NFC. Commonplace uses include transit tickets, bank cards and passports.

<span class="mw-page-title-main">Network Security Services</span> Collection of cryptographic computer libraries

Network Security Services (NSS) is a collection of cryptographic computer libraries designed to support cross-platform development of security-enabled client and server applications with optional support for hardware TLS/SSL acceleration on the server side and hardware smart cards on the client side. NSS provides a complete open-source implementation of cryptographic libraries supporting Transport Layer Security (TLS) / Secure Sockets Layer (SSL) and S/MIME. NSS releases prior to version 3.14 are tri-licensed under the Mozilla Public License 1.1, the GNU General Public License, and the GNU Lesser General Public License. Since release 3.14, NSS releases are licensed under GPL-compatible Mozilla Public License 2.0.

Differential fault analysis (DFA) is a type of active side-channel attack in the field of cryptography, specifically cryptanalysis. The principle is to induce faults—unexpected environmental conditions—into cryptographic operations to reveal their internal states.

<span class="mw-page-title-main">Cryptography</span> Practice and study of secure communication techniques

Cryptography, or cryptology, is the practice and study of techniques for secure communication in the presence of adversarial behavior. More generally, cryptography is about constructing and analyzing protocols that prevent third parties or the public from reading private messages. Modern cryptography exists at the intersection of the disciplines of mathematics, computer science, information security, electrical engineering, digital signal processing, physics, and others. Core concepts related to information security are also central to cryptography. Practical applications of cryptography include electronic commerce, chip-based payment cards, digital currencies, computer passwords, and military communications.

<span class="mw-page-title-main">Hardware Trojan</span> Malware embedded in hardware; harder to detect and fix than software vulnerabilities

A Hardware Trojan (HT) is a malicious modification of the circuitry of an integrated circuit. A hardware Trojan is completely characterized by its physical representation and its behavior. The payload of an HT is the entire activity that the Trojan executes when it is triggered. In general, Trojans try to bypass or disable the security fence of a system: for example, leaking confidential information by radio emission. HTs also could disable, damage or destroy the entire chip or components of it.

Computer security compromised by hardware failure is a branch of computer security applied to hardware. The objective of computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to remain accessible and productive to its intended users. Such secret information could be retrieved by different ways. This article focus on the retrieval of data thanks to misused hardware or hardware failure. Hardware could be misused or exploited to get secret data. This article collects main types of attack that can lead to data theft.

References

  1. 1 2 Koeune, F., & Standaert, F. X. (2005). A tutorial on physical security and side-channel attacks. In Foundations of Security Analysis and Design III (pp. 78–108). Springer Berlin Heidelberg.
  2. Harada T, Sasaki H, Yoshio KA (1997). "Investigation on radiated emission characteristics of multilayer printed circuit boards". IEICE Transactions on Communications. 80 (11): 1645–1651.
  3. Kuhn MG, Anderson RJ (April 1998). "Soft Tempest: Hidden Data Transmission Using Electromagnetic Emanations". Information Hiding. Lecture Notes in Computer Science. Vol. 1525. pp. 124–142. CiteSeerX   10.1.1.64.6982 . doi:10.1007/3-540-49380-8_10. ISBN   978-3-540-65386-8.
  4. Messerges TS, Dabbish EA, Sloan RH (1999). "Investigations of Power Analysis Attacks on Smartcards" (PDF). Smartcard: 151–161.
  5. Gandolfi K, Mourtel C, Olivier F (May 2001). "Electromagnetic Analysis: Concrete Results". Cryptographic Hardware and Embedded Systems — CHES 2001. pp. 251–261. doi:10.1007/3-540-44709-1_21. ISBN   978-3-540-42521-2.{{cite book}}: |journal= ignored (help)
  6. 1 2 3 4 Do A, Ko ST, Htet AT (15 April 2013). "Electromagnetic Side-Channel Analysis on the Intel Atom Processor: A Major Qualifying Project Report" (PDF). Worcester Polytechnic Institute.{{cite journal}}: Cite journal requires |journal= (help)
  7. 1 2 Belgarric P, Fouque PA, Macario-Rat G, Tibouchi M (2016). "Side-Channel Analysis of Weierstrass and Koblitz Curve ECDSA on Android Smartphones". Topics in Cryptology - CT-RSA 2016. pp. 236–252. doi:10.1007/978-3-319-29485-8_14. ISBN   978-3-319-29484-1.{{cite book}}: |journal= ignored (help)
  8. Martinasek Z, Zeman V, Trasy K (2012). "Simple electromagnetic analysis in cryptography". International Journal of Advances in Telecommunications, Electrotechnics, Signals and Systems. 1 (1): 13–19. doi: 10.11601/ijates.v1i1.6 .
  9. NACSIM 5000 Tempest Fundamentals (Report). National Security Agency. February 1982.
  10. Quisquater JJ (2000). "A new tool for non-intrusive analysis of smart cards based on electro-magnetic emissions: the SEMA and DEMA methods". Eurocrypt Rump Session.
  11. "Smart Card FAQ: How do Smart Cards Work". Smart Card Alliance.
  12. Samyde D, Skorobogatov S, Anderson R, Quisquater JJ (December 2002). "On a new way to read data from memory". First International IEEE Security in Storage Workshop, 2002. Proceedings. pp. 65–69. doi:10.1109/SISW.2002.1183512. ISBN   978-0-7695-1888-6. S2CID   11153044.
  13. Quisquater JJ, Samyde D (2001). "ElectroMagnetic Analysis (EMA): Measures and Counter-measures for Smart Cards". Smart Card Programming and Security. Lecture Notes in Computer Science. Vol. 2140. pp. 200–210. doi:10.1007/3-540-45418-7_17. ISBN   978-3-540-42610-3.
  14. Agrawal D, Archambeault B, Rao JR, Rohatgi P (2002). "The EM Side—Channel(s)". Cryptographic Hardware and Embedded Systems - CHES 2002. pp. 29–45. doi:10.1007/3-540-36400-5_4. ISBN   978-3-540-00409-7.{{cite book}}: |journal= ignored (help)
  15. De Mulder E, Buysschaert P, Örs SB, Delmotte P, Preneel B, Vandenbosch G, Verbauwhede I (November 2005). "Electromagnetic Analysis Attack on an FPGA Implementation of an Elliptic Curve Cryptosystem". EUROCON 2005 - the International Conference on "Computer as a Tool". Vol. 2. pp. 1879–1882. CiteSeerX   10.1.1.104.6201 . doi:10.1109/EURCON.2005.1630348. ISBN   978-1-4244-0049-2. S2CID   3800063.
  16. Kim C, Schläffer M, Moon S (2008). "Differential side channel analysis attacks on FPGA implementations of ARIA". ETRI Journal. 30 (2): 315–325. doi: 10.4218/etrij.08.0107.0167 .
  17. 1 2 3 Genkin D, Pipman I, Tromer E (2015). "Get your hands off my laptop: Physical side-channel key-extraction attacks on PCs". Journal of Cryptographic Engineering. 5 (2): 95–112. doi:10.1007/s13389-015-0100-7. S2CID   14931217.
  18. 1 2 Genkin D, Pachmanov L, Pipman I, Tromer E (2016). "ECDH Key-Extraction via Low-Bandwidth Electromagnetic Attacks on PCS". Topics in Cryptology - CT-RSA 2016. pp. 219–235. doi:10.1007/978-3-319-29485-8_13. ISBN   978-3-319-29484-1.{{cite book}}: |journal= ignored (help)
  19. 1 2 3 Genkin D, Pachmanov L, Pipman I, Tromer E (2015). "Stealing Keys from PCS Using a Radio: Cheap Electromagnetic Attacks on Windowed Exponentiation". Cryptographic Hardware and Embedded Systems -- CHES 2015. pp. 207–228. doi:10.1007/978-3-662-48324-4_11. ISBN   978-3-662-48323-7.{{cite book}}: |journal= ignored (help)
  20. 1 2 Kenworthy G, Rohatgi P (2012). "Mobile Device Security: The case for side channel resistance" (PDF). Archived from the original (PDF) on 2012-10-22. Retrieved 2016-05-06.{{cite journal}}: Cite journal requires |journal= (help)
  21. 1 2 Genkin D, Pachmanov L, Pipman I, Tromer E, Yarom Y (2016). "ECDSA Key Extraction from Mobile Devices via Nonintrusive Physical Side Channels" (PDF).{{cite journal}}: Cite journal requires |journal= (help)
  22. 1 2 Goller G, Sigl G (2015). "Side Channel Attacks on Smartphones and Embedded Devices Using Standard Radio Equipment". Constructive Side-Channel Analysis and Secure Design. Lecture Notes in Computer Science. Vol. 9064. pp. 255–270. doi:10.1007/978-3-319-21476-4_17. ISBN   978-3-319-21475-7.
  23. Meynard O, Réal D, Guilley S, Flament F, Danger JL, Valette F (October 2010). "Characterization of the Electromagnetic Side Channel in Frequency Domain". Information Security and Cryptology. Lecture Notes in Computer Science. Vol. 6584. pp. 471–486. doi:10.1007/978-3-642-21518-6_33. ISBN   978-3-642-21517-9.
  24. Boxall, Andy (10 May 2015). "Hands On: Starbucks Wireless Charging". Digital Trends. Retrieved 20 April 2016.
  25. Zhou Y, Feng D (2005). "Side-Channel Attacks: Ten Years After Its Publication and the Impacts on Cryptographic Module Security Testing" (PDF). IACR Cryptology ePrint Archive: 388.
  26. Das, Debayan; Danial, Josef; Golder, Anupam; Modak, Nirmoy; Maity, Shovan; Chatterjee, Baibhab; Seo, Donghyun; Chang, Muya; Varna, Avinash; Krishnamurthy, Harish; Mathew, Sanu; Ghosh, Santosh; Raychowdhury, Arijit; Sen, Shreyas (2020). "27.3 EM and Power SCA-Resilient AES-256 in 65nm CMOS Through >350× Current-Domain Signature Attenuation". 2020 IEEE International Solid- State Circuits Conference - (ISSCC). pp. 424–426. doi:10.1109/ISSCC19947.2020.9062997. ISBN   978-1-7281-3205-1. S2CID   215800163.
  27. Das, Debayan; Nath, Mayukh; Chatterjee, Baibhab; Ghosh, Santosh; Sen, Shreyas (2019). "STELLAR: A Generic EM Side-Channel Attack Protection through Ground-Up Root-cause Analysis". 2019 IEEE International Symposium on Hardware Oriented Security and Trust (HOST). pp. 11–20. doi:10.1109/HST.2019.8740839. ISBN   978-1-5386-8064-3. S2CID   53594941.
  28. Das, Debayan; Maity, Shovan; Nasir, Saad Bin; Ghosh, Santosh; Raychowdhury, Arijit; Sen, Shreyas (2018). "ASNI: Attenuated Signature Noise Injection for Low-Overhead Power Side-Channel Attack Immunity". IEEE Transactions on Circuits and Systems I: Regular Papers. 65 (10): 3300–3311. doi: 10.1109/TCSI.2018.2819499 . S2CID   52161683.
  29. Das, Debayan; Maity, Shovan; Nasir, Saad Bin; Ghosh, Santosh; Raychowdhury, Arijit; Sen, Shreyas (2017). "High efficiency power side-channel attack immunity using noise injection in attenuated signature domain". 2017 IEEE International Symposium on Hardware Oriented Security and Trust (HOST). pp. 62–67. arXiv: 1703.10328 . doi:10.1109/HST.2017.7951799. ISBN   978-1-5386-3929-0. S2CID   3321637.
  30. "FCC Rule Part 15b". FCC certification.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.