Poster: Is active electromagnetic side-channel attack practical?

Satohiro Wakabayashi, Seita Maruyama, Tatsuya Mori, Shigeki Goto, Masahiro Kinugawa, Yu Ichi Hayashi

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    2 Citations (Scopus)

    Abstract

    Radio-frequency (RF) retroreflector attack (RFRA) is an active electromagnetic side-channel attack that aims to leak the target's internal signals by irradiating the targeted device with a radio wave, where an attacker has embedded a malicious circuit (RF retroreflector) in the device in advance. As the retroreflector consists of small and cheap electrical elements such as a field-effect transistor (FET) chip and a wire that can work as a dipole antenna, the reflector can be embedded into various kinds of electric devices that carry unencrypted, sensitive information; e.g., keyboard, display monitor, microphone, speaker, USB, and so on. Only a few studies have addressed the basic mechanism of RFRA and demonstrated the success of the attack. The conditions for a successful attack have not been adequately explored before, and therefore, assessing the feasibility of the attack remains an open issue. In the present study, we aim to investigate empirically the conditions for a successful RFRA through field experiments. Understanding attack limitations should help to develop effective countermeasures against it. In particular, with regard to the conditions for a successful attack, we studied the distance between the attacker and the target, and the target signal frequencies. Through the extensive experiments using off-the-shelf hardware including software-defined radio (SDR) equipment, we revealed that the required conditions for a successful attack are (1) up to a 10-Mbps of target signal and (2) up to a distance of 10 meters. These results demonstrate the importance of the RFRA threat in the real world.

    Original languageEnglish
    Title of host publicationCCS 2017 - Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security
    PublisherAssociation for Computing Machinery
    Pages2587-2589
    Number of pages3
    VolumePart F131467
    ISBN (Electronic)9781450349468
    DOIs
    Publication statusPublished - 2017 Oct 30
    Event24th ACM SIGSAC Conference on Computer and Communications Security, CCS 2017 - Dallas, United States
    Duration: 2017 Oct 302017 Nov 3

    Other

    Other24th ACM SIGSAC Conference on Computer and Communications Security, CCS 2017
    CountryUnited States
    CityDallas
    Period17/10/3017/11/3

    Keywords

    • Active electromagnetic side-channel attack
    • Hardware security
    • RF retroreflector attack

    ASJC Scopus subject areas

    • Software
    • Computer Networks and Communications

    Fingerprint Dive into the research topics of 'Poster: Is active electromagnetic side-channel attack practical?'. Together they form a unique fingerprint.

  • Cite this

    Wakabayashi, S., Maruyama, S., Mori, T., Goto, S., Kinugawa, M., & Hayashi, Y. I. (2017). Poster: Is active electromagnetic side-channel attack practical? In CCS 2017 - Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (Vol. Part F131467, pp. 2587-2589). Association for Computing Machinery. https://doi.org/10.1145/3133956.3138830