In recent years, the limits of electromagnetic side-channel attacks have been significantly expanded. However, the discovery of new fundamental phenomena about compromising electromagnetic emanations remains limited. In this presentation, we examine work that identifies a novel form of modulation produced by unintentional electromagnetic emanations: phase-modulated emanations. This observation enables the extraction of a side-channel leakage that can be exploited to reveal secret cryptographic material. We introduce a technique that exploits this side channel to perform a full AES key recovery using cost-effective and common hardware equipment such as a software-defined radio (SDR). Additionally, we discuss the consequences of this finding, which significantly improves attack performance, and analyze its root cause.
Bio
Pierre Ayoub specializes in low-level computer and radio security and currently works at LAAS-CNRS in Toulouse (France) as a postdoctoral researcher on wireless and IoT security. He obtained his PhD in 2024 at EURECOM in Sophia-Antipolis (France), under the supervision of Aurélien Francillon, Clémentine Maurice and Romain Cayre. He focused on novel electromagnetic side-channel attacks, such as Screaming Channels and its security implications for IoT protocols like Bluetooth Low Energy, and on the characterization and exploitation of electromagnetic emanations.
