Interceptive side channel attack on AES-128 wireless communications for IoT applications
Pammu, Ali Akbar
Gwee, Bah Hwee
Date of Issue2016
2016 IEEE Asia Pacific Conference on Circuits and Systems (APCCAS)
School of Electrical and Electronic Engineering
Centre for Integrated Circuits and Systems
We propose wireless interceptive Side-Channel Attack (SCA) technique to reveal the 16-byte secret key of the AES-128 encryption algorithm in wireless communications, through Correlation Electromagnetic Analysis (CEMA) for Internet of Things (IoT) applications. The encrypted wireless communication link is established using two ATmega-processor based Arduino boards. There are two key features in our proposed interceptive SCA technique. First, we identify the sensitive modules, which emit significant EM signal (physical leakage information) of the ATmega processor during the encryption process. The significant EM signals are highly correlated with processed data to reveal the secret key. Second, we investigate the resistance of AES-128 encryption algorithm implementation on ATmega processor against CEMA based SCA. The wireless signal is intercepted and correlated with EM signals generated during the encryption process. Based on our experimental results, the correlated EM signals leak out at the three modules - FLASH memory, data bus and SRAM modules during the encryption process are 101.56 dBμV, 105.34 dBμV and 121.79 dBμV respectively. In addition, we perform the CEMA attacks on the AES-128 implementation on the ATmega processor and the secret key is successfully revealed at 20,000 EM traces.
© 2016 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. The published version is available at: [https://doi.org/10.1109/APCCAS.2016.7804081].