Screaming Channels - EURECOM (s3.eurecom.fr/slides/bh18us_camurati.slides.pdf)
TRANSCRIPT
![Page 1](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/1.jpg)
![Page 2](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/2.jpg)
Screaming Channels: When Electromagnetic Side Channels Meet Radio Transceivers
Giovanni Camurati, Sebastian Poeplau, Marius Muench, Tom Hayes, Aurélien Francillon
![Page 3](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/3.jpg)
What’s this all about?
- A novel attack exploiting EM side channels from a distance
- A PoC implementation up to 10m distance (with demo!)
- Where to go from here?
![Page 4](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/4.jpg)
Let’s start from the beginning
![Page 5](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/5.jpg)
Leaks in radio signals
AES128(K,P)
![Page 6](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/6.jpg)
Agenda: From the state of the art to a novel attack
![Page 7](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/7.jpg)
Agenda
Introduction
Part I: Background
- EM Side-Channels
- RF communications 101
- Noise in mixed-signal ICs
Part II: Our Story
- Discovery of the leak
- Explanation
Part III: Towards an attack
- Building the attack
- Demo
Conclusion
![Page 9](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/9.jpg)
Side channel basics
• Even provably secure cryptography may be broken if some intermediate computations are visible
• Physical implementations may leak intermediate data
• Attackers observe the leaks and reconstruct cryptographic secrets
![Page 10](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/10.jpg)
Side channel basics
ChipWhisperer!
https://wiki.newae.com/File:Cw1173_microusb.jpg
![Page 11](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/11.jpg)
Electromagnetic Side-Channels
• Data-dependent EM leaks occur because:
  • Digital logic consumes current when switching
  • Current variations generate EM emissions
  • Similar to power side-channels
• Known attacks, at increasing distance: Kasper et al. [1], Genkin et al. [2], TEMPEST [3]
![Page 12](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/12.jpg)
Correlation attack basics
• An intuitive attack; there are many more
• Ingredients:
  • Known Plaintext
  • State non-linear in Plaintext and Key
  • Leak linear in the State
(Figure: leak model. Key K and Plaintext P determine the State; the State determines the Leak.)
![Page 13](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/13.jpg)
Correlation attack basics
• Recipe:
  1. Encrypt many times and measure the Leaks
  2. Guess a byte of the Key and compute the States
  3. Check if the Measurements correlate with the Computations
  4. Repeat for each byte of the key
(Figure: Measured vs Computed, with K and P as inputs.)
![Page 14](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/14.jpg)
Correlation attack basics
• Recipe:
  1. Encrypt many times and measure the Leaks
  2. Guess a byte of the Key and the corresponding States
  3. The guess is right iff the Leaks are linear with the States
  4. Repeat for each byte of the key
(Figure: leak model, K and P to State to Leak.)
Pseudocode:
    for byte in key:
        for guess in 0 to 255:
            ranks[guess] = correlation(leak, guess)
        best[byte] = argmax(ranks)
![Page 16](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/16.jpg)
A Simple Wave
(Figure: Amplitude vs Distance of a sinusoid, annotated with the wavelength λ, the amplitude a and the propagation speed c.)
![Page 17](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/17.jpg)
A Simple Wave
(Figure: the same sinusoid next to its Power Spectrum: a single line at frequency f.)
![Page 18](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/18.jpg)
Modulation Basics
(Figure: Amplitude vs Time of the Information signal, the Carrier, and the resulting AM Signal.)
![Page 19](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/19.jpg)
Modulation Basics
(Figure: as above, plus the Power Spectrum of the AM Signal: the carrier at fc with sidebands at fc-fi and fc+fi.)
![Page 21](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/21.jpg)
Mixed-signal chips
• Examples
  • Look around…
  • BT, WiFi, GPS, etc.
• Idea
  • Combine digital processor and analog radio on a single chip
  • Integrate the two and provide an easy interface to the outside
• Benefits
  • Cheap
  • Small
  • Power efficient
  • Nice for developers
![Page 22](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/22.jpg)
A big problem: Noise
• Digital logic produces noise
• Close physical proximity facilitates noise propagation
• Analog radio is sensitive to noise
• Designers care about functionality
![Page 23](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/23.jpg)
What if digital noise with sensitive information leaks into the radio signal?
![Page 25](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/25.jpg)
So the journey begins...
![Page 26](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/26.jpg)
Discovery of a leak
• After months of trying:
  • Multiple chips
  • Custom firmware
• One day:
  • Accidental tuning on a "wrong" frequency
  • A leak dependent on our computations
• So the investigation started
![Page 27](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/27.jpg)
Discovery of a leak
(Figure: mixed-signal chip observed with a Software Defined Radio; power vs frequency plot around 2.4 GHz.)
Simple Firmware:
- TX off/on (CW)
- Slow loop/fast loop
- Controlled via UART
![Page 28](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/28.jpg)
Discovery of a leak
(Figure: mixed-signal chip observed with a Software Defined Radio; power vs frequency.)
![Page 29](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/29.jpg)
Discovery of a leak
(Figure: mixed-signal chip observed with a Spectrum Analyzer; power vs frequency, a line at 64 MHz.)
- Slow loop
- TX off
- Close distance
![Page 30](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/30.jpg)
Discovery of a leak
(Figure: Spectrum Analyzer, power vs frequency, a line at 64 MHz.)
- Fast loop
- TX off
- Close distance
![Page 31](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/31.jpg)
Discovery of a leak
(Figure: Spectrum Analyzer, power vs frequency, lines at 64 MHz and 2.4 GHz.)
- Slow loop
- TX on
![Page 32](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/32.jpg)
Discovery of a leak
(Figure: Spectrum Analyzer, power vs frequency, lines at 64 MHz and 2.4 GHz.)
- Fast loop
- TX on
![Page 34](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/34.jpg)
Logic Transmission Scheme
(Figure: Digital noise from the Clock (64 MHz) enters the Radio, which transmits the BT Carrier (2.4 GHz). Power spectrum: a line at 64 MHz, and the 64 MHz noise reproduced next to the 2.4 GHz carrier.)
![Page 35](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/35.jpg)
Conventional
(Figure: Digital noise from the Clock (64 MHz); power spectrum with a line at 64 MHz.)
• Current consumption
• Mixing
![Page 36](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/36.jpg)
Conventional
• Current consumption
  • Dependent on transitions of logic values
• Mixing
(Figure: CMOS inverter with Vin, Vout, Gnd, VSupply and a parasitic capacitance CParasitic; a current I flows from VSupply while Vout goes 0 → 1.)
![Page 37](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/37.jpg)
Conventional
• Current consumption
  • Dependent on transitions of logic values
• Mixing
(Figure: the same inverter; a current I also flows, to Gnd, while Vout goes 1 → 0.)
![Page 38](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/38.jpg)
Conventional
• Current consumption
  • Dependent on transitions of logic values
• Mixing
  • Clock
  • 1: "direct"
(Figure: a Data line gated by Clk, i.e. Carrier Modulation.)
![Page 39](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/39.jpg)
Conventional
• Current consumption
  • Dependent on transitions of logic values
• Mixing
  • Clock
  • 1: "direct"
  • 2: non-linear components
nMOS transistor in saturation, with two signals V1 + V2 on the gate:
    I_sat = α (V1 + V2 − Vth)^2 = α (2·V1·V2 + …)
The expansion of the square contains the cross term 2·V1·V2: the two signals mix.
![Page 40](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/40.jpg)
Screaming Channels
(Figure: Digital noise from the Clock (64 MHz) enters the Radio that transmits the BT Carrier (2.4 GHz); power spectrum with a line at 64 MHz and the 64 MHz noise reproduced next to 2.4 GHz.)
• Digital to Analog propagation
• Mixing
![Page 41](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/41.jpg)
Screaming Channels
(Figure: Digital and Analog blocks on the same Substrate, sharing VSupply.)
• Digital to Analog propagation
  • 1: Substrate Coupling
    • Same silicon die
  • 2: Power Supply Coupling
    • Same power supply
• Mixing
![Page 42](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/42.jpg)
Screaming Channels
• Digital to Analog propagation
  1. Substrate Coupling
    • Same silicon die
  2. Power Supply Coupling
    • Same power supply
• Mixing
  1. Voltage Controlled Oscillator
  2. Power Amplifier
  3. etc.
(Figure: the (Analog) TX chain: DAC, I/Q mixer driven by the VCO at 0° and 90°, PA; noise from the digital domain enters along the chain.)
![Page 43](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/43.jpg)
Summing Up
Generation → "Spectrum Spraying" → Propagation → Radio Transmission
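A small simulation of the mixing shown in the Modulation Basics slides and in the Screaming Channels explanation above, added as an example; it is not code from the talk or from the screaming_channels project. The 64 MHz digital clock is modelled as a square wave that (1) radiates directly, as in a conventional EM side channel, and (2) modulates the amplitude of the 2.4 GHz carrier through the non-linear analog front-end, the product term of the square law on the nMOS slide. The coupling coefficients and the sample rate are assumptions, chosen so that one DFT bin is 1 MHz and the sampled clock has an exact 100-sample period.

```python
import cmath
import math

FS_MHZ = 6400          # assumed sample rate; N = FS_MHZ samples gives 1 MHz per DFT bin
N = FS_MHZ
F_CARRIER_MHZ = 2400   # BT carrier
F_CLOCK_MHZ = 64       # digital clock (100 samples per period at this rate)
DIRECT_LEAK = 0.05     # assumed: conventional EM leak of the clock itself
AM_DEPTH = 0.10        # assumed: how strongly the clock noise modulates the carrier


def clock_noise(n=N, f_mhz=F_CLOCK_MHZ, fs_mhz=FS_MHZ):
    """Square wave: a crude model of the switching noise of the digital logic.
    A square wave has only odd harmonics (64, 192, 320, ... MHz)."""
    period = fs_mhz / f_mhz
    return [1.0 if (i % period) < period / 2 else -1.0 for i in range(n)]


def carrier(n=N, f_mhz=F_CARRIER_MHZ, fs_mhz=FS_MHZ):
    return [math.cos(2 * math.pi * f_mhz * i / fs_mhz) for i in range(n)]


def emitted_signal(direct=DIRECT_LEAK, depth=AM_DEPTH):
    """What an antenna sees: the clock noise radiated directly (baseband)
    plus the carrier whose amplitude is modulated by that same noise,
    i.e. the product term that mixing produces."""
    sq, car = clock_noise(), carrier()
    return [direct * s + c * (1.0 + depth * s) for s, c in zip(sq, car)]


def dft_bin(x, k):
    """One DFT bin by direct summation (a handful of bins does not need an FFT)."""
    w = -2j * math.pi * k / len(x)
    return sum(v * cmath.exp(w * i) for i, v in enumerate(x))


def relative_power_db(x, bins, ref_bin=F_CARRIER_MHZ):
    """Power of each bin in dB relative to the carrier bin."""
    ref = abs(dft_bin(x, ref_bin))
    return {k: 20 * math.log10(max(abs(dft_bin(x, k)) / ref, 1e-15)) for k in bins}


BINS_MHZ = [64, 128, 192,                              # baseband: the conventional leak
            2208, 2272, 2336, 2400, 2464, 2528, 2592]  # around the carrier: the screaming channel


def visible_lines(threshold_db=-40.0, direct=DIRECT_LEAK, depth=AM_DEPTH):
    """Bins a receiver would see above threshold_db (relative to the carrier)."""
    power = relative_power_db(emitted_signal(direct, depth), BINS_MHZ)
    return {k for k, db in power.items() if db >= threshold_db}


if __name__ == "__main__":
    for k, db in sorted(relative_power_db(emitted_signal(), BINS_MHZ).items()):
        print(f"{k:5d} MHz  {db:7.1f} dB")
```

With both couplings on, the spectrum shows the clock at 64 and 192 MHz and copies of it at 2400 ± 64 and 2400 ± 192 MHz, while the even harmonics (128 MHz, 2400 ± 128 MHz) stay below the floor; with `depth=0.0` only the conventional baseband lines remain, and with `direct=0.0` only the lines next to the carrier, which is exactly what distinguishes a conventional EM side channel from a screaming channel.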
![Page 45](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/45.jpg)
AES in the spectrogram
(Figure: spectrogram in three phases: Radio Off, Radio On, AES On.)
![Page 51](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/51.jpg)
Extraction and alignment
(Figure: a capture showing the Packets; a Trigger Frequency marks where each one begins.)
![Page 52](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/52.jpg)
Extraction and alignment
• Self-correlation alignment
• Average
Attacking
• Extraction of clean traces
• Some attacks• Correlation attack• Template attack• Built upon ChipWhisperer's implementations
• Attacked implementations• mbedTLS• TinyAES
![Page 54](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/54.jpg)
Evolution of the attack
(Figure: timeline of the attack distance: Cable, 15 cm, 2 m, 3 m, 5 m, 10 m.)
![Page 56](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/56.jpg)
Demo time!
![Page 58](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/58.jpg)
Impact
![Page 59](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/59.jpg)
Impact
• General Problem
  • Potential to affect any radio transmitter close to digital logic
  • Not limited to IC designs
![Page 61](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/61.jpg)
Just a PoC?
• Attacks on real-world targets will follow
• Simple attack, we can do much better
  • Collection: get more data in less time
  • Processing: make better use of the information we have
  • Abusing protocol weaknesses
• Share early, mitigate faster
![Page 62](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/62.jpg)
Responsible Disclosure
• Contacted major vendors & multiple CERTs
• Multiple acknowledgments of the problem’s generality
• 2 vendors are replicating our results
• 1 vendor looks actively into short- and long-term countermeasures
![Page 63](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/63.jpg)
Countermeasures
![Page 64](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/64.jpg)
Countermeasures
• Classic (SW/HW)
  • Masking, Noise, good protocols, etc.
  • "Easy", but buying a license may be expensive for low-cost chips
  • A classic arms race can start
• Software-specific
  • Turn off the radio during sensitive computations
  • Not so easy if there are real-time requirements
  • Turns off the channel completely
• Hardware-specific
  • Consider the security impact of noise coupling during design and testing
  • Will it increase the cost too much?
![Page 65](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/65.jpg)
Black Hat Sound Bytes: What will you take home?
![Page 66](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/66.jpg)
Screaming Channels: The Sound Bytes
![Page 67](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/67.jpg)
Thank you!
Code: https://www.github.com/eurecom-s3/screaming_channels
More Info: https://s3.eurecom.fr/tools/screaming_channels
<[email protected]> <[email protected]> @GioCamurati @nSinusR
![Page 68](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/68.jpg)
Acknowledgements
The authors acknowledge the support of the SeCiF project within the French-German Academy for the Industry of the Future, as well as the support of the DAPCODS/IOTics ANR 2016 project (ANR-16-CE25-0015).
We would like to thank the FIT R2lab team from Inria, Sophia Antipolis, for their help in using the R2lab testbed.
![Page 69](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/69.jpg)
References
[1] Kasper, Timo, et al. "EM side-channel attacks on commercial contactless smartcards using low-cost equipment." International Workshop on Information Security Applications. Springer, Berlin, Heidelberg, 2009.
[2] Genkin, Daniel, et al. "ECDH key-extraction via low-bandwidth electromagnetic attacks on PCs." Cryptographers' Track at the RSA Conference. Springer, Cham, 2016.
[3] NSA. "NACSIM 5000, Tempest fundamentals." Technical Report, 1982. Document declassified in 2000 and available at https://cryptome.org/jya/nacsim-5000/nacsim-5000.htm
![Page 70](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/70.jpg)
Third-Party Images
- "nRF51822 - Bluetooth LE SoC : weekend die-shot" - CC-BY - Modified with annotations. Original by zeptobars: https://zeptobars.com/en/read/nRF51822-Bluetooth-LE-SoC-Cortex-M0
- "Github ribbon" - MIT - mojombo: https://blog.github.com/2008-12-19-github-ribbons/
- "Television Antenna" - CC0 - George Hodan: https://www.publicdomainpictures.net/en/view-image.php?image=239649
![Page 71](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/71.jpg)
Backup slides
![Page 72](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/72.jpg)
Which devices?
• We do not want to blame a specific vendor
  • Especially because the problem is general
  • But you can find all names and details in the paper and on our website
• The problem is general
  • Ack by vendors
  • Attack on several BLE devices of the same vendor
  • Signs of leaks on other (Wi-Fi) devices
    • Also different types of leaks
  • Still need more investigations (time…)
![Page 73](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/73.jpg)
What about hopping?
• Real BT communications use frequency hopping
  • The carrier changes value (within a given set) following a pseudo-random sequence
  • The frequency of the leak changes too
• We can still attack
  • We can listen to multiple frequencies, or with a large bandwidth
  • Actually, we already plan to exploit more replicas of the leak
  • Tom Hayes, Sebastian Poeplau, and Aurélien Francillon worked on an IEEE 802.15.4 sniffer that concurrently listens to all channels; we could reuse the same ideas
![Page 74](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/74.jpg)
What about Wi-Fi?
• The problem is in the mixed-signal design, not in the protocol
• We ended up on a BT chip by chance, and then decided to go deeper (increasing the distance)
• We have signs of (different) leaks in 2 Wi-Fi chips
• But for sure now we have to try more chips
![Page 75](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/75.jpg)
What about Hardware AES?
• Hardware AES implementations are used for link layer encryption
• Attacking turns out to be more difficult than software AES
  • Faster calculation, higher radio resolution is needed
  • Most of the time blackbox implementations
• We ran some experiments
  • 4/16 bytes recovered
![Page 76](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/76.jpg)
Threat model?
• For these devices, side channels were not in the threat model
  • Close physical proximity/access not too realistic
  • Low cost, low impact
• But now attacks could be mounted from a large distance
  • EM side channels become important
  • Indeed remote timing side channels (cache) are already considered
![Page 77](https://reader036.vdocument.in/reader036/viewer/2022081616/5feaf264fd2cb935c236c59f/html5/thumbnails/77.jpg)
Some Attack Data
(Trace counts are given as "N x 500": N traces, each averaged over 500 repetitions.)

| Distance | Environment   | Implementation | # Attack Traces | # Template Traces |
|----------|---------------|----------------|-----------------|-------------------|
| 1 m      | Office        | tinyAES        | 52589 x 500     | 70000 x 500       |
| 3 m      | Anechoic Room | tinyAES        | 718 x 500       | 70000 x 500       |
| 5 m      | Anechoic Room | tinyAES        | 428 x 500       | 70000 x 500       |
| 10 m     | Anechoic Room | tinyAES        | 1428 x 500      | 130000 x 500      |