Systematic Classification of Side-Channel Attacks: A Case Study for Mobile Devices

Raphael Spreitzer, Veelasha Moonsamy, Thomas Korak, Stefan Mangard

Research output: Contribution to journalArticleResearchpeer-review

Abstract

Side-channel attacks on mobile devices have gained increasing attention since their introduction in 2007. While traditional side-channel attacks, such as power analysis attacks and electromagnetic analysis attacks, required physical presence of the attacker as well as expensive equipment, an (unprivileged) application is all it takes to exploit the leaking information on modern mobile devices. Given the vast amount of sensitive information that are stored on smartphones, the ramifications of side-channel attacks affect both the security and privacy of users and their devices.

In this paper, we propose a new categorization system for side-channel attacks, which is necessary as side-channel attacks have evolved significantly since their scientific investigations during the smart card era in the 1990s. Our proposed classification system allows to analyze side-channel attacks systematically, and facilitates the development of novel countermeasures. Besides this new categorization system, the extensive survey of existing attacks and attack strategies provides valuable insights into the evolving field of side-channel attacks, especially when focusing on mobile devices. We conclude by discussing open issues and challenges in this context and outline possible future research directions.
Original languageEnglish
Pages (from-to)465-488
Number of pages24
JournalIEEE Communications Surveys & Tutorials
Volume20
Issue number1
DOIs
Publication statusPublished - 2018

Fingerprint

Mobile devices
Side channel attack
Smart cards
Smartphones

Cite this

Systematic Classification of Side-Channel Attacks: A Case Study for Mobile Devices. / Spreitzer, Raphael; Moonsamy, Veelasha; Korak, Thomas; Mangard, Stefan.

In: IEEE Communications Surveys & Tutorials, Vol. 20, No. 1, 2018, p. 465-488.

Research output: Contribution to journalArticleResearchpeer-review

Spreitzer, Raphael ; Moonsamy, Veelasha ; Korak, Thomas ; Mangard, Stefan. / Systematic Classification of Side-Channel Attacks: A Case Study for Mobile Devices. In: IEEE Communications Surveys & Tutorials. 2018 ; Vol. 20, No. 1. pp. 465-488.
@article{419cc7d873814e94abbd0e26ac49ed4a,
title = "Systematic Classification of Side-Channel Attacks: A Case Study for Mobile Devices",
abstract = "Side-channel attacks on mobile devices have gained increasing attention since their introduction in 2007. While traditional side-channel attacks, such as power analysis attacks and electromagnetic analysis attacks, required physical presence of the attacker as well as expensive equipment, an (unprivileged) application is all it takes to exploit the leaking information on modern mobile devices. Given the vast amount of sensitive information that are stored on smartphones, the ramifications of side-channel attacks affect both the security and privacy of users and their devices. In this paper, we propose a new categorization system for side-channel attacks, which is necessary as side-channel attacks have evolved significantly since their scientific investigations during the smart card era in the 1990s. Our proposed classification system allows to analyze side-channel attacks systematically, and facilitates the development of novel countermeasures. Besides this new categorization system, the extensive survey of existing attacks and attack strategies provides valuable insights into the evolving field of side-channel attacks, especially when focusing on mobile devices. We conclude by discussing open issues and challenges in this context and outline possible future research directions.",
author = "Raphael Spreitzer and Veelasha Moonsamy and Thomas Korak and Stefan Mangard",
year = "2018",
doi = "10.1109/COMST.2017.2779824",
language = "English",
volume = "20",
pages = "465--488",
journal = "IEEE Communications Surveys & Tutorials",
issn = "1553-877X",
publisher = "IEEE Communications Society",
number = "1",

}

TY - JOUR

T1 - Systematic Classification of Side-Channel Attacks: A Case Study for Mobile Devices

AU - Spreitzer, Raphael

AU - Moonsamy, Veelasha

AU - Korak, Thomas

AU - Mangard, Stefan

PY - 2018

Y1 - 2018

N2 - Side-channel attacks on mobile devices have gained increasing attention since their introduction in 2007. While traditional side-channel attacks, such as power analysis attacks and electromagnetic analysis attacks, required physical presence of the attacker as well as expensive equipment, an (unprivileged) application is all it takes to exploit the leaking information on modern mobile devices. Given the vast amount of sensitive information that are stored on smartphones, the ramifications of side-channel attacks affect both the security and privacy of users and their devices. In this paper, we propose a new categorization system for side-channel attacks, which is necessary as side-channel attacks have evolved significantly since their scientific investigations during the smart card era in the 1990s. Our proposed classification system allows to analyze side-channel attacks systematically, and facilitates the development of novel countermeasures. Besides this new categorization system, the extensive survey of existing attacks and attack strategies provides valuable insights into the evolving field of side-channel attacks, especially when focusing on mobile devices. We conclude by discussing open issues and challenges in this context and outline possible future research directions.

AB - Side-channel attacks on mobile devices have gained increasing attention since their introduction in 2007. While traditional side-channel attacks, such as power analysis attacks and electromagnetic analysis attacks, required physical presence of the attacker as well as expensive equipment, an (unprivileged) application is all it takes to exploit the leaking information on modern mobile devices. Given the vast amount of sensitive information that are stored on smartphones, the ramifications of side-channel attacks affect both the security and privacy of users and their devices. In this paper, we propose a new categorization system for side-channel attacks, which is necessary as side-channel attacks have evolved significantly since their scientific investigations during the smart card era in the 1990s. Our proposed classification system allows to analyze side-channel attacks systematically, and facilitates the development of novel countermeasures. Besides this new categorization system, the extensive survey of existing attacks and attack strategies provides valuable insights into the evolving field of side-channel attacks, especially when focusing on mobile devices. We conclude by discussing open issues and challenges in this context and outline possible future research directions.

U2 - 10.1109/COMST.2017.2779824

DO - 10.1109/COMST.2017.2779824

M3 - Article

VL - 20

SP - 465

EP - 488

JO - IEEE Communications Surveys & Tutorials

JF - IEEE Communications Surveys & Tutorials

SN - 1553-877X

IS - 1

ER -