ECDSA Key Extraction from Mobile Devices via Nonintrusive Physical Side Channels
- 24 October 2016
- conference paper
- conference paper
- Published by Association for Computing Machinery (ACM) in Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security
- Vol. 2016, 1626-1638
- https://doi.org/10.1145/2976749.2978353
Abstract
We show that elliptic-curve cryptography implementations on mobile devices are vulnerable to electromagnetic and power side-channel attacks. We demonstrate full extraction of ECDSA secret signing keys from OpenSSL and CoreBitcoin running on iOS devices, and partial key leakage from OpenSSL running on Android and from iOS's CommonCrypto. These non-intrusive attacks use a simple magnetic probe placed in proximity to the device, or a power probe on the phone's USB cable. They use a bandwidth of merely a few hundred kHz, and can be performed cheaply using an audio card and an improvised magnetic probe.Keywords
Funding Information
- Blavatnik Interdisciplinary Cyber Research Center
- Google (Faculty Research Award (Tromer))
- Leona M. and Harry B. Helmsley Charitable Trust (Advanced Communication Technology Project)
- Australian Research Council
- Australian Department of Communications
- sraeli Centers of Research Excellence I-CORE program (Center 4/11)
- NATO's Public Diplomacy Division (Science for Peace)
- Check Point Institute for Information Security
This publication has 26 references indexed in Scilit:
- Experimental Demonstration of Electromagnetic Information Leakage From Modern Processor-Memory SystemsIEEE Transactions on Electromagnetic Compatibility, 2014
- An Updated Survey on Secure ECC Implementations: Attacks, Countermeasures and CostLecture Notes in Computer Science, 2012
- Fast Elliptic Curve Cryptography in OpenSSLLecture Notes in Computer Science, 2012
- Introduction to differential power analysisJournal of Cryptographic Engineering, 2011
- Exponent Recoding and Regular Exponentiation AlgorithmsLecture Notes in Computer Science, 2009
- Cache-Timing Template AttacksLecture Notes in Computer Science, 2009
- Cache Attacks and Countermeasures: The Case of AESLecture Notes in Computer Science, 2006
- Remote timing attacks are practicalComputer Networks, 2005
- (Virtually) Free Randomization Techniques for Elliptic Curve CryptographyLecture Notes in Computer Science, 2003
- Binary ArithmeticPublished by Elsevier BV ,1960