Physical Fault Injection and Side-Channel Attacks on Mobile Devices: A Comprehensive Analysis

TL;DR

This paper provides a comprehensive survey of physical fault injection and side-channel attacks on modern mobile devices, analyzing over 50 studies to evaluate methods, challenges, and future research directions.

Contribution

It consolidates recent research on physical and side-channel attacks on mobile devices, offering a comparative analysis and highlighting challenges and future opportunities.

Findings

Existing attacks face increased complexity due to advanced security mechanisms.

Many attacks are limited by device heterogeneity and attack conditions.

Future research should focus on overcoming current limitations and developing new attack strategies.

Abstract

Today's mobile devices contain densely packaged system-on-chips (SoCs) with multi-core, high-frequency CPUs and complex pipelines. In parallel, sophisticated SoC-assisted security mechanisms have become commonplace for protecting device data, such as trusted execution environments, full-disk and file-based encryption. Both advancements have dramatically complicated the use of conventional physical attacks, requiring the development of specialised attacks. In this survey, we consolidate recent developments in physical fault injections and side-channel attacks on modern mobile devices. In total, we comprehensively survey over 50 fault injection and side-channel attack papers published between 2009-2021. We evaluate the prevailing methods, compare existing attacks using a common set of criteria, identify several challenges and shortcomings, and suggest future directions of research.