Interceptive side channel attack on AES-128 wireless communications for IoT applications

We propose wireless interceptive Side-Channel Attack (SCA) technique to reveal the 16-byte secret key of the AES-128 encryption algorithm in wireless communications, through Correlation Electromagnetic Analysis (CEMA) for Internet of Things (IoT) applications. The encrypted wireless communication link is established using two ATmega-processor based Arduino boards. There are two key features in our proposed interceptive SCA technique. First, we identify the sensitive modules, which emit significant EM signal (physical leakage information) of the ATmega processor during the encryption process. The significant EM signals are highly correlated with processed data to reveal the secret key. Second, we investigate the resistance of AES-128 encryption algorithm implementation on ATmega processor against CEMA based SCA. The wireless signal is intercepted and correlated with EM signals generated during the encryption process. Based on our experimental results, the correlated EM signals leak out at the three modules — FLASH memory, data bus and SRAM modules during the encryption process are 101.56 dBμV, 105.34 dBμV and 121.79 dBμV respectively. In addition, we perform the CEMA attacks on the AES-128 implementation on the ATmega processor and the secret key is successfully revealed at 20,000 EM traces.

[1]  Ingrid Verbauwhede,et al.  DPA, Bitslicing and Masking at 1 GHz , 2015, IACR Cryptol. ePrint Arch..

[2]  High Secured Low Power Multiplexer-LUT Based AES S-Box Implementation , 2016, 2016 International Conference on Information Systems Engineering (ICISE).

[3]  Kwen-Siong Chong,et al.  Counteracting differential power analysis: Hiding encrypted data from circuit cells , 2015, 2015 IEEE International Conference on Electron Devices and Solid-State Circuits (EDSSC).

[4]  Y. Hori,et al.  SASEBO-GIII: A hardware security evaluation board equipped with a 28-nm FPGA , 2012, The 1st IEEE Global Conference on Consumer Electronics 2012.

[5]  Hongming Cai,et al.  Ubiquitous Data Accessing Method in IoT-Based Information System for Emergency Medical Services , 2014, IEEE Transactions on Industrial Informatics.

[6]  Siva Sai Yerubandi,et al.  Differential Power Analysis , 2002 .

[7]  Koen De Bosschere,et al.  Practical Mitigations for Timing-Based Side-Channel Attacks on Modern x86 Processors , 2009, 2009 30th IEEE Symposium on Security and Privacy.

[8]  Faheem Zafari,et al.  Microlocation for Internet-of-Things-Equipped Smart Buildings , 2015, IEEE Internet of Things Journal.

[9]  Eduard Alarcón,et al.  Area Model and Dimensioning Guidelines of Multisource Energy Harvesting for Nano–Micro Interface , 2016, IEEE Internet of Things Journal.

[10]  Lili Du,et al.  Information Dissemination Delay in Vehicle-to-Vehicle Communication Networks in a Traffic Stream , 2015, IEEE Transactions on Intelligent Transportation Systems.