[cryptography] side channel analysis on phones
iang at iang.org
Wed Mar 13 16:11:08 EDT 2013
On 9/03/13 18:30 PM, Tanja Lange wrote:
> Dear Ian,
>> Has anyone done any side channel analysis on phones?
> On the constructive side you might want to check out NaCl for ARM (best
> with NEON), e.g.
> which avoids all software side channel attacks. Not sure how you would
> avoid cache attacks in Java.
> Cryptographic Research has a demo attacking cell phones running slow
> crypto (Java) by electromagnetic radiatiion, see
OK, interesting. One thing I did not understand here was that the
speaker said that at one point that it didn't matter if there was a mode
employed like CBC, and at another point he was stating that he needs
e.g. 10,000 or similar usages of that one key. Which is it?
> Attacking fast (good) implementations is a lot harder but wee're looking
> into it.
so I'm looking for a fast (good) implementation of Java crypto :) (As
mentioned earlier, the open apps world is pretty much limited to pure
What was fairly impressive was that he was reading the ECC key directly
from the oscilloscope from one scan of the radio signal.
> All the best
More information about the cryptography