Apple vs. EMA: Electromagnetic Side Channel Attacks on Apple CoreCrypto
TimeTuesday, July 12th2:30pm - 3pm PDT
Location3006, Level 3
Embedded and Cross-Layer Security
DescriptionWe demonstrate the first physical side channel attack on a standard ARM CE AES implementation. We specifically focus on the implementation used by Apple's CoreCrypto library running on genuine iPhone hardware. To that end, we implement an optimized side channel acquisition infrastructure involving both custom iPhone software and accelerated analysis code. We find that an adversary which can observe 5-30 million known-ciphertext traces can extract secret AES keys using electromagnetic radiation as a side channel. This corresponds to an encryption on less than 0.5 GB of data, which could be acquired in 2 seconds on the iPhone 7 we examined.