ABSTRACT

Physical attacks constitute a significant threat to any cryptosystem. Among them, Side-Channel Analysis (SCA) is commonly used to test the security of embedded devices such as smartcards or secure controllers. It has also become highly relevant for mobile and connected devices that require a high security level. Yet the applicability of these attacks to smartphones is not obvious, as the architecture of modern Systems-on-Chip (SoC) is becoming ever more complex.
This paper describes how a secret AES key was retrieved from the hardware cryptoprocessor of a smartphone. It is part of an attack scenario targeting the bootloader decryption. The focus is on practical realization and the challenges it brings. In particular, catching meaningful signals emitted by the cryptoprocessor embedded in the main System-on-Chip can be troublesome. Indeed, the Package-on-Package technology makes access to the die problematic and prevents straightforward near-field electromagnetic measurements. The described scenario can apply to any device whose chain-of-trust relies on firmware encryption, such as many smartphones or Internet-of-Things nodes.
Breaking Mobile Firmware Encryption through Near-Field Side-Channel Analysis



