Electromagnetic Analysis of an Ultra-Lightweight Cipher: PRESENT

TL;DR

This paper investigates electromagnetic side-channel leakage in the lightweight PRESENT cipher, demonstrating the feasibility of correlation electromagnetic analysis (CEMA) attacks on IoT-relevant cryptography to enhance security assessments.

Contribution

It is the first to analyze electromagnetic emissions of PRESENT and develop CEMA attack models, advancing side-channel attack techniques for lightweight cryptography in IoT devices.

Findings

Electromagnetic emissions can be correlated with cryptographic operations.

CEMA attack models successfully extracted key information from PRESENT.

Electromagnetic analysis is a viable side-channel attack vector for lightweight ciphers.

Abstract

Side-channel attacks are an unpredictable risk factor in cryptography. Therefore, continuous observations of physical leakages are essential to minimise vulnerabilities associated with cryptographic functions. Lightweight cryptography is a novel approach in progress towards internet-of-things (IoT) security. Thus, it would provide sufficient data and privacy protection in such a constrained ecosystem. IoT devices are resource-limited in terms of data rates (in kbps), power maintainability (battery) as well as hardware and software footprints (physical size, internal memory, RAM/ROM). Due to the difficulty in handling conventional cryptographic algorithms, lightweight ciphers consist of small key sizes, block sizes and few operational rounds. Unlike in the past, affordability to perform side-channel attacks using inexpensive electronic circuitries is becoming a reality. Hence, cryptanalysis of physical leakage in these emerging ciphers is crucial. Among existing studies, power analysis seems to have enough attention in research, whereas other aspects such as electromagnetic, timing, cache and optical attacks continue to be appropriately evaluated to play a role in forensic analysis. As a result, we started analysing electromagnetic emission leakage of an ultra-lightweight block cipher, PRESENT. According to the literature, PRESENT promises to be adequate for IoT devices, and there still seems not to exist any work regarding correlation electromagnetic analysis (CEMA) of it. Firstly, we conducted simple electromagnetic analysis in both time and frequency domains and then proceeded towards CEMA attack modelling. This paper provides a summary of the related literature (IoT, lightweight cryptography, side-channel attacks and EMA), our methodology, current outcomes and future plans for the optimised results.