ElectroMagnetic Analysis (EMA) of Software AES on Java Mobile Phones

International audienceSmartphones, whose market share has increased by 54% between 2009 and 2010, is one of the favored platform for "Convergence Computing". Convergence Computing is a technology in which a single device can provide various services without any restrictions from external devices or networks. Today, smartphones as convergent single device have diverse functions and features such as calling, Internet surfing, game playing, banking, storage of personal and professional data, etc. Some of these use encryption algorithms such as AES (Advanced Encryption Standard). For example, this algorithm is used to authenticate server protocols or to encrypt confidential information. This paper shows that an Electromagnetic Analysis (EMA) on AES is possible on a Java mobile phone to extract secret keys. The latter can then be used for forensic purposes or to recover encrypted data stored in the device. Experiments involving two successful approaches are described and compared : Spectral Density based Approach (SDA) and Template based Resynchronisation Approach (TRA)

Systematic Literature Review of EM-SCA Attacks on Encryption

Cryptography is vital for data security, but cryptographic algorithms can still be vulnerable to side-channel attacks (SCAs), physical assaults exploiting power consumption and EM radiation. SCAs pose a significant threat to cryptographic integrity, compromising device keys. While literature on SCAs focuses on real-world devices, the rise of sophisticated devices necessitates fresh approaches. Electromagnetic side-channel analysis (EM-SCA) gathers information by monitoring EM radiation, capable of retrieving encryption keys and detecting malicious activity. This study evaluates EM-SCA's impact on encryption across scenarios and explores its role in digital forensics and law enforcement. Addressing encryption susceptibility to EM-SCA can empower forensic investigators in overcoming encryption challenges, maintaining their crucial role in law enforcement. Additionally, the paper defines EM-SCA's current state in attacking encryption, highlighting vulnerable and resistant encryption algorithms and devices, and promising EM-SCA approaches. This study offers a comprehensive analysis of EM-SCA in law enforcement and digital forensics, suggesting avenues for further research