Hi, I’m a newbie and am considering getting into ChipWhisperer. However I noticed that most of the attacking is done on target boards from ChipWhisperer. Currently I am doing a password bypass tutorial and am thinking whether this could be applicable to other devices like my phone and would it be any different from using a target board to do so?
Power analysis is definitely possible on more complicated devices. Shunt resistors often aren’t very practical, so you’re better off using an H-Field probe. I’m not aware of any power analysis attacks on phones specifically, but there’s power analysis attacks on even x86 cores: https://platypusattack.com/platypus.pdf
You can also do voltage glitching attacks on these devices. We have a glitch example on the Raspberry Pi. I know we also have a video of the same glitching on a mobile phone as well, but I’m not sure where it is off the top of my head.
Thank you for your response!
Do you know of any setup that I may need to prepare if I were to carry out the experiment on my phone? Especially on the H-field probe!
Hope to hear form you soon!
The HField Probe is pretty noninvasive - there’s no need to insert a shunt resistor or anything like that, you can simply hold the probe over the chip you’re interested. Decoupling capacitors are also a good location to probe. One thing I hadn’t considered is that might be pretty difficult is to get a trigger out of a phone as I’m guessing you don’t really get access to any GPIO pins.
Something easier would be to use a Raspberry Pi if you’ve got one around, as the processor will be similar to one used on a phone and you’ll have easy access to a GPIO pin to trigger the ChipWhisperer with. You also don’t have to open your phone to get physical access to the pins.
Also, here’s a video demonstrating using an H-Field probe on a target: https://www.youtube.com/watch?v=zmGKZw_txJc