CAPEC-622
Electromagnetic Side-Channel Attack
Niedrig
Draft
2015-11-09
00h00 +00:00
00h00 +00:00
2018-07-31
00h00 +00:00
00h00 +00:00
Benachrichtigung für ein CAPEC
Bleiben Sie über alle Änderungen zu einem bestimmten CAPEC informiert.
CAPEC-Beschreibungen
In this attack scenario, the attacker passively monitors electromagnetic emanations that are produced by the targeted electronic device as an unintentional side-effect of its processing. From these emanations, the attacker derives information about the data that is being processed (e.g. the attacker can recover cryptographic keys by monitoring emanations associated with cryptographic processing). This style of attack requires proximal access to the device, however attacks have been demonstrated at public conferences that work at distances of up to 10-15 feet. There have not been any significant studies to determine the maximum practical distance for such attacks. Since the attack is passive, it is nearly impossible to detect and the targeted device will continue to operate as normal after a successful attack.
CAPEC-Informationen
Voraussetzungen
Proximal access to the device.Erforderliche Kenntnisse
Sophisticated attack, but detailed techniques published in the open literature.Gegenmaßnahmen
Utilize side-channel resistant implementations of all crypto algorithms.Strong physical security of all devices that contain secret key information. (even when devices are not in use)
Verwandte Schwachstellen
| Name der Schwachstelle | |
|---|---|
CWE-201 |
Insertion of Sensitive Information Into Sent Data The code transmits data to another actor, but a portion of the data includes sensitive information that should not be accessible to that actor. |
Einreichung
| Name | Organisation | Datum | Veröffentlichungsdatum |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation |
Änderungen
| Name | Organisation | Datum | Kommentar |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation | Updated Attack_Motivation-Consequences |
