Cyber Security News

Electromagnetic Side-Channel Analysis of Cryptographically Secured Devices

Electromagnetic (EM) side-channel analysis has emerged as a significant threat to cryptographically secured devices, particularly in the era of the Internet of Things (IoT).

These attacks exploit information leakages through physical parameters such as EM radiation, which is emitted by all powered electronic devices due to internal current flows.

Unlike traditional power analysis attacks, EM side-channel attacks can be performed non-invasively using low-cost EM probes, making them more accessible and affordable for potential attackers.

EMA classification

Methodology

The methodology behind EM side-channel attacks typically involves two phases: data collection and analysis.

In the first phase, EM emanations from a device are captured using EM probes, often connected to a low-noise amplifier for better signal quality.

The collected traces are then analyzed using various models, including Simple Electromagnetic Analysis (SEMA), Differential Electromagnetic Analysis (DEMA), and Correlation Electromagnetic Analysis (CEMA).

CEMA is particularly effective as it can retrieve secret keys without requiring detailed knowledge of the device’s operations.

For instance, a CEMA attack on the PRESENT lightweight cipher can recover up to 8 bytes of a 10-byte encryption key using just 256 EM waveforms.

Hardware connectivity of the testbed

Impact

Recent studies have highlighted the importance of preprocessing techniques in enhancing the efficiency of EM side-channel attacks.

By applying optimal preprocessing methods, the number of traces required for key recovery can be significantly reduced, improving the success rate of attacks.

Additionally, profiling attacks, such as template and machine learning-based methods, have shown promising results in extracting sensitive information from complex devices like System-on-Chips (SoCs).

To mitigate EM side-channel vulnerabilities, researchers have proposed various countermeasures.

One approach involves routing cryptographic signals through lower metal layers to reduce EM leakage, as demonstrated by the STELLAR solution.

This method aims to eliminate critical signal radiation from higher metal layers, thus enhancing the security of cryptographic ICs.

Furthermore, ongoing research focuses on developing low-overhead solutions that can protect against both power and EM side-channel attacks, emphasizing the need for a comprehensive security strategy in the design of future cryptographic devices.

As EM side-channel analysis continues to evolve, it is crucial for device manufacturers to integrate robust countermeasures to safeguard against these increasingly sophisticated threats.

Are you from SOC/DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Start Now for Free.

Aman Mishra

Aman Mishra is a Security and privacy Reporter covering various data breach, cyber crime, malware, & vulnerability.

Recent Posts

Top Ransomware Groups Target Financial Sector, 406 Incidents Revealed

Flashpoint analysts have reported that between April 2024 and April 2025, the financial sector emerged…

29 minutes ago

Agenda Ransomware Group Enhances Tactics with SmokeLoader and NETXLOADER

The Agenda ransomware group, also known as Qilin, has been reported to intensify its attacks…

42 minutes ago

SpyCloud Analysis Reveals 94% of Fortune 50 Companies Have Employee Data Exposed in Phishing Attacks

SpyCloud, the leading identity threat protection company, today released an analysis of nearly 6 million…

2 hours ago

PoC Tool Released to Detect Servers Affected by Critical Apache Parquet Vulnerability

F5 Labs has released a new proof-of-concept (PoC) tool designed to help organizations detect servers…

3 hours ago

Healthcare Sector Becomes a Major Target for Cyber Attacks in 2025

The healthcare sector has emerged as a prime target for cyber attackers, driven by the…

3 hours ago

SysAid ITSM Vulnerabilities Enables Pre-Auth Remote Command Execution

Security researchers have disclosed a chain of critical vulnerabilities affecting SysAid ITSM’s On-Premise solution, enabling…

4 hours ago