ECDSA Key Extraction from Mobile Devices via Nonintrusive Physical Side Channels
Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security - CCS'16
We show that elliptic-curve cryptography implementations on mobile devices are vulnerable to electromagnetic and power side-channel attacks. We demonstrate full extraction of ECDSA secret signing keys from OpenSSL and CoreBitcoin running on iOS devices, and partial key leakage from OpenSSL running on Android and from iOS's CommonCrypto. These non-intrusive attacks use a simple magnetic probe placed in proximity to the device, or a power probe on the phone's USB cable. They use a bandwidth of
... e a bandwidth of merely a few hundred kHz, and can be performed cheaply using an audio card and an improvised magnetic probe * The authors thank Noam Nissan for programming and lab support during the course of this research. 2. Non-Invasive. The demonstrated attacks are non invasive and can be conducted by merely placing a magnetic probe in the proximity of the device, or using a power tap on its USB charging cable. The attack does not require any software to be installed on the device, and does not require opening the device's case (see Figures 1 and 9 ). 3. Cheap EM and power analysis. Our attack utilizes physical emanations (electromagnetic or power) at frequencies below 200 kHz, which is well below the GHz-scale processor clock speed. Consequentially, our attack can acquire secret-key information using cheap, compact and readily available equipment, such as sound cards and improvised probes.