Side-channel Analysis of Subscriber Identity Modules
Abstract
Subscriber identity modules (SIMs) contain useful forensic data but are often locked with a PIN code that restricts access to this data. If an invalid PIN is entered several times, the card locks and may even destroy its stored data. This presents a challenge to the retrieval of data from the SIM when the PIN is unknown. The eld of side-channel analysis (SCA) collects, identi es, and processes information leaked via inadvertent channels. One promising side-channel leakage is that of electromagnetic (EM) emanations; by monitoring the SIM's emissions, it may be possible to determine the correct PIN to unlock the card. This thesis uses EM SCA techniques to attempt to discover the SIM card's PIN. The tested SIM is subjected to simple and di erential electromagnetic analysis. No clear data dependency or correlation is apparent. The SIM does reveal information pertaining to its validation routine, but the value of the card's stored PIN does not appear to leak via EM emissions. Two factors contributing to this result are the black-box nature of PIN validation and the hardware and software SCA countermeasures. Further experimentation on SIMs with known operational characteristics is recommended to determine the viability of future SCA attacks on these devices.
Document Details
- Document Type
- Technical Report
- Publication Date
- Jun 01, 2013
- Accession Number
- ADA586578
Entities
People
- John A. Hearle
Organizations
- Air Force Institute of Technology