Harald Welte's blog
   

Articles on this blog/journal are licensed under a Creative Commons Attribution-NoDerivs 2.5 License.


Wed, 21 Oct 2009
Differential Power Analysis on mobile phone?

cnet.com reports some researchers succeeding in performing a differential power analysis (DPA) on a mobile phone in order to "steal cryptographic keys that are used to encrypt communications and authenticate users on mobile devices".

This sounds fishy. At least on GSM phones, the keys for authentication are stored inside the SIM card. And somebody claiming that within a mobile phone with its many analog RF and digital circuits (causing interference and noise) he can still perform a DPA on the SIM card simply sounds unreasonable.

I would like to see those results being fully disclosed and independently reproduced before giving them much credibility.

The current encryption session key is not used for authentication; it is very short-lived (typically 1 to 5 calls before a new key is negotiated), and it is not considered very safe anyway. The phone writes it to the SIM card, and malware programs installed on the phone are likely to get access to that key anyway. So no need for a DPA here...
