CAPEC-622
Electromagnetic Side-Channel Attack
Low
Draft
2015-11-09
00h00 +00:00
00h00 +00:00
2018-07-31
00h00 +00:00
00h00 +00:00
Alerte pour un CAPEC
Stay informed of any changes for a specific CAPEC.
Descriptions CAPEC
In this attack scenario, the attacker passively monitors electromagnetic emanations that are produced by the targeted electronic device as an unintentional side-effect of its processing. From these emanations, the attacker derives information about the data that is being processed (e.g. the attacker can recover cryptographic keys by monitoring emanations associated with cryptographic processing). This style of attack requires proximal access to the device, however attacks have been demonstrated at public conferences that work at distances of up to 10-15 feet. There have not been any significant studies to determine the maximum practical distance for such attacks. Since the attack is passive, it is nearly impossible to detect and the targeted device will continue to operate as normal after a successful attack.
Informations CAPEC
Prerequisites
Proximal access to the device.Skills Required
Sophisticated attack, but detailed techniques published in the open literature.Mitigations
Utilize side-channel resistant implementations of all crypto algorithms.Strong physical security of all devices that contain secret key information. (even when devices are not in use)
Related Weaknesses
| Weakness Name | |
|---|---|
CWE-201 |
Insertion of Sensitive Information Into Sent Data The code transmits data to another actor, but a portion of the data includes sensitive information that should not be accessible to that actor. |
Submission
| Name | Organization | Date | Date release |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation |
Modifications
| Name | Organization | Date | Comment |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation | Updated Attack_Motivation-Consequences |
2025©
tesweb SA
