Cryptographic primitives and protocols are typically treated as mathematical components that represent the following provable security property: theoretically secure with an established formal security proof. However, in real-world applications, provable security is more often than not weakened by the actual implementation and the properties of the device / system / Operating system on which cryptographic primitives and protocols are deployed – are often exploitable by a side-channel attacker.
Side-channel attacks represent a real threat to cryptographic implementations and as a by-product to the security of a secure system overall in almost all scenarios and use cases. The focus of this research is to study side channel attacks in the context of iOS Operating System, specifically drawing a difference between side channel attacks against user and system level applications using iOS provided crypto library(ies) and those using built-in and / or third party crypto libraries. While running our experiments, we use electromagnetic emanations from the processor as side-channel information and using clock as a trigger to discern Electromagnetic traces.
We then conduct Differential Power Analysis (DPA) against hardened cryptographic implementations in order to recover keys used for symmetric ciphers computations as well as schemes used for Key Exchange / Key Agreement. Electromagnetic emanations will also be used to derive information from stateful protocols execution, where elements of the EM traces Fast Fourier Transform have peak frequencies being observed.