cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
DAlexander
Newcomer III

Screaming Channel attack...and no, I'm not talking about US Cable News

Saw some recent traffic here regarding secure development and IoT vulnerabilities.  I just read a paper discussing a recently studied problem between mixed-signal chips and the inherent electromagnetic leakage that comes with them.  The authors were able to demonstrate a complete key recovery attack to recover the key used by an AES-128 implementation at a distance of 1m.  Anyhow, just wanted to share with @ontheway and the rest of the community.

1 Reply
Badfilemagic
Contributor II

The key material recovery aspect is indeed intriguing, but luckily the 1m distance forces the adversary close-in. In public, this may be a problem. However, this type of situation is exactly what TEMPEST is meant to mitigate. But, defense and intelligence have a much different threat model than most commercial shops or producers of consumer electronics.

-- wdf//CISSP, CSSLP