Region:
Australia Austria Brazil Canada China France Germany Hungary India Italy Japan Korea Malaysia
Mexico Netherlands Poland Russian Federation Singapore Spain Swaziland Sweden Switzerland Taiwan United Kingdom United States
See All Countries and Regions
Quick Order
0
Parts List
Your cart is currently empty.
Browse all our products to find what you need.
View All Products

Ettus Research Blog

Back to Blog

“ECDSA Key Extraction from Mobile Devices via Nonintrusive Physical Side Channels” Genkin et al.

| Friday, March 04, 2016

“ECDSA Key Extraction from Mobile Devices via Nonintrusive Physical Side Channels” Genkin et al.

Abstract

We show that elliptic-curve cryptography implementations on mobile devices are vulnerable to electromagnetic and power side-channel attacks. We demonstrate full extraction of ECDSA secret signing keys from OpenSSL and CoreBitcoin running on iOS devices, and partial key leakage from OpenSSL running on Android and from iOS’s CommonCrypto. These non-intrusive attacks use a simple magnetic probe placed in proximity to the device, or a power probe on the phone’s USB cable. They use a bandwidth of merely a few hundred kHz, and can be performed cheaply using an audio card and an improvised magnetic probe.

Read the full article here