Name |
Electromagnetic Side-Channel Attack |
|
Likelyhood of attack |
Typical severity |
High |
Low |
|
Summary |
In this attack scenario, the attacker passively monitors electromagnetic emanations that are produced by the targeted electronic device as an unintentional side-effect of its processing. From these emanations, the attacker derives information about the data that is being processed (e.g. the attacker can recover cryptographic keys by monitoring emanations associated with cryptographic processing). This style of attack requires proximal access to the device, however attacks have been demonstrated at public conferences that work at distances of up to 10-15 feet. There have not been any significant studies to determine the maximum practical distance for such attacks. Since the attack is passive, it is nearly impossible to detect and the targeted device will continue to operate as normal after a successful attack. |
Prerequisites |
Proximal access to the device. |
Solutions | Utilize side-channel resistant implementations of all crypto algorithms. Strong physical security of all devices that contain secret key information. (even when devices are not in use) |
Related Weaknesses |
CWE ID
|
Description
|
CWE-201 |
Insertion of Sensitive Information Into Sent Data |
|
Related CAPECS |
CAPEC ID
|
Description
|
CAPEC-189 |
An adversary discovers the structure, function, and composition of a type of computer software through black box analysis techniques. 'Black Box' methods involve interacting with the software indirectly, in the absence of direct access to the executable object. Such analysis typically involves interacting with the software at the boundaries of where the software interfaces with a larger execution environment, such as input-output vectors, libraries, or APIs. Black Box Reverse Engineering also refers to gathering physical side effects of a hardware device, such as electromagnetic radiation or sounds. |
|