Interceptive side channel attack on AES-128 wireless communications for IoT applications

We propose wireless interceptive Side-Channel Attack (SCA) technique to reveal the 16-byte secret key of the AES-128 encryption algorithm in wireless communications, through Correlation Electromagnetic Analysis (CEMA) for Internet of Things (IoT) applications. The encrypted wireless communication li...

Full description

Saved in:
Bibliographic Details
Main Authors: Pammu, Ali Akbar, Chong, Kwen-Siong, Ho, Weng-Geng, Gwee, Bah Hwee
Other Authors: School of Electrical and Electronic Engineering
Format: Conference or Workshop Item
Language:English
Published: 2017
Subjects:
Online Access:https://hdl.handle.net/10356/80478
http://hdl.handle.net/10220/42163
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Nanyang Technological University
Language: English
Description
Summary:We propose wireless interceptive Side-Channel Attack (SCA) technique to reveal the 16-byte secret key of the AES-128 encryption algorithm in wireless communications, through Correlation Electromagnetic Analysis (CEMA) for Internet of Things (IoT) applications. The encrypted wireless communication link is established using two ATmega-processor based Arduino boards. There are two key features in our proposed interceptive SCA technique. First, we identify the sensitive modules, which emit significant EM signal (physical leakage information) of the ATmega processor during the encryption process. The significant EM signals are highly correlated with processed data to reveal the secret key. Second, we investigate the resistance of AES-128 encryption algorithm implementation on ATmega processor against CEMA based SCA. The wireless signal is intercepted and correlated with EM signals generated during the encryption process. Based on our experimental results, the correlated EM signals leak out at the three modules - FLASH memory, data bus and SRAM modules during the encryption process are 101.56 dBμV, 105.34 dBμV and 121.79 dBμV respectively. In addition, we perform the CEMA attacks on the AES-128 implementation on the ATmega processor and the secret key is successfully revealed at 20,000 EM traces.