Featured Articles

Global smartphone market is set for recovery, says new forecast

ExclusiveUK mobile payment service Paym to close in March 2023

News Mark - December 18, 2022

UK mobile payment service Paym will close on 7th March 2023. The service, which allowed users to make and receive payments using their mobile phone numbers, was launched in 2014.

Qualcomm legal action moves forward in the UK

RSS

1 2 3

Opinion Articles

Opinion

Hacking a smartphone by using differential power analysis

MarkSunday, March 11, 2012

Rate article:

No rating

Rate this article:

No rating

Mark Bridge writes:

Mobile security always seems to be on the agenda – but one of the companies demonstrating its services at Mobile World Congress 2012 had a particularly stark warning.

Cryptography Research was demonstrating what’s called differential power analysis (DPA) or side-channel analysis, which can be used to reveal encrypted information from a smartphone or tablet without ever needing to get hold of the device.

I called in to see the company and started by learning a little more about what they actually did.

Carole Coplan, vice president of Business Development, gave me a brief background to the company. It was founded in 1995 by Paul Kocher, who’s perhaps best known for helping to write the Secure Sockets Layer (SSL) 3.0 protocol used for secure communications on the internet.

Paul’s discovery of differential power analysis showed that secret codes could be revealed by analysing the power consumption of semiconductors. At a very simple level, a computer processor that’s working hard will consume more power than a processor that’s not doing much. But you can discover much more than ‘busy’ or ‘not busy’. It’s possible to work out exactly what a processor is doing by monitoring its power consumption – and this monitoring can even be conducted by tracking electromagnetic radiation from several metres away. With the right equipment, you can see every single one of a chip’s processes… and if the chip is using a secret code for payment or authentication, that data can be seen as well.

Dr Pankaj Rohatgi, director of engineering at Cryptography Research, demonstrated the risk to security. Using a radio receiver bought from eBay for $300, an off-the-shelf radio antenna and a digitiser/oscilloscope, the ‘0’ and ‘1’ bits of a supposedly secure key could be seen on screen. Although the maximum range of this demonstration was only a few metres, the increasing use of NFC services – and the ability to install a thin wire aerial near to a legitimate NFC reader – would certainly give cause for concern.

Fortunately, as Carole Coplan explained, well-established processes such as NFC payment cards were already protected by licensed patents from Cryptography Research – and many of the NFC chips in smartphones and tablets also have built-in ‘DPA countermeasures’ to protect them. In fact, last year more than 6 billion security products were made under a license from Cryptography Research.

Should consumers be worried about ‘hacking’ via power analysis? For most people, I’d say the answer’s ‘no’. But for organisations that are relying on smartphones and tablets to store or process secure information, it’s wise to remember the words of Star Trek’s Chief Engineer Montgomery Scott on the USS Enterprise.

“I cannot change the laws of physics”, said Scotty... although he did often made them work to his advantage.

Listen to my full interview with Carole Coplan and Pankaj Rohatgi on TheFonecast.com. via iTunes, by subscribing to our RSS feed or by downloading the MP3.

Comments

Collapse Expand Comments (0)

You don't have permission to post comments.

Recent Podcasts

ExclusiveThe week's top mobile news stories: Vodafone expands, EE celebrates and Europe prepares

Podcasts Mark - March 18, 2014

We begin this week's programme by looking at Vodafone's acquisition plans in Spain before moving on to discuss universal mobile chargers and 4G roaming.

There's also time to talk about UK mobile coverage, EE's new customer tracking service, contactless transactions and a smartphone camera that can identify objects hidden behind something else.

ExclusiveJohan Lodenius of MediaTek talks about wearable devices, smartphone evolution and the importance of driving costs down

Podcasts Mark - March 12, 2014

This year's Mobile World Congress was notable for the number of product launches by handset manufacturers. To get a better understanding of smartphone manufacturing, we spoke to Johan Lodenius of semiconductor company MediaTek.

He gave us a simple overview of how 'fabless' manufacturing works, discussed developments in smartphones and wearable devices, contemplated the end of the PC era and talked about the importance of driving costs down.

ExclusiveMobile payments, new smartphones, wearable devices, connected cars, CeBIT and David Cameron

Podcasts Mark - March 11, 2014

This week's programme opens with a quick look at David Cameron's commitment to 5G technology and the Internet of Things, which was made in a speech at CeBIT.

Iain and Mark then move on to talk about the other big mobile news headlines from the past few days, including the forthcoming Paym m-payment service, new HTC and LG smartphones, the growth of Chinese handset manufacturers, wearable devices, in-car connectivity and damaged iPhones.

ExclusiveThe rise of OTT messaging and the future of SMS: we talk to Stacy Adams of mBlox

Podcasts Mark - March 7, 2014

Messaging was very much on the agenda at Mobile World Congress this year, following Facebook's announcement that it was planning to acquire WhatsApp in a 19 billion dollar deal. So if the future for this type of internet-based 'over the top' messaging service looks good, what does this mean for SMS?

To find out more, we spoke to Stacy Adams of mBlox to learn what was happening in the messaging world, to find out how SMS is being integrated with mobile apps - and to discover some of the other ways SMS was being used by businesses today.

ExclusiveWe talk about 4G LTE coverage and device sensors with OpenSignal at Mobile World Congress

Podcasts Mark - March 6, 2014

Even at Mobile World Congress, the relevance of the mobile network operator can sometimes be forgotten. So for a different perspective on this year's event, we spoke to Samuel Johnston from British mobile crowd-sourcing firm OpenSignal.

Samuel discussed the announcements from MWC14 and OpenSignal's latest report into 4G LTE coverage around the world, as well as giving us an exclusive insight into OpenSignal's next research subject.

RSS

First Previous 5 6 7 8 9 10 11 12 13 14 Next Last

Follow thefonecast.com

Archive Calendar

May 2026

Mon

Tue

Wed

Thu

Fri

Sat

Sun

Search

Featured Articles

ExclusiveOfcom helps protect customers against unexpected roaming charges

ExclusiveGlobal smartphone market is set for recovery, says new forecast

ExclusiveVodafone and Three plan to merge their UK businesses