Cryptology ePrint Archive: Report 2018/076

EM Analysis in the IoT Context: Lessons Learned from an Attack on Thread

Daniel Dinu and Ilya Kizhvatov

Abstract: The distinguishing feature of the Internet of Things is that many devices get interconnected. The threat of side-channel attacks in this setting is less understood than the threat of traditional network and software exploitation attacks that are perceived to be more powerful.

This work is a case study of Thread, an emerging network and transport level stack designed to facilitate secure communication between heterogeneous IoT devices. We perform the first side-channel vulnerability analysis of the Thread networking stack. We leverage various network mechanisms to trigger manipulations of the security material or to get access to the network credentials. We choose the most feasible attack vector to build a complete attack that combines network specific mechanisms and Differential Electromagnetic Analysis. When successfully applied on a Thread network, the attack gives full network access to the adversary. We evaluate the feasibility of our attack in a TI CC2538 setup running OpenThread, a certified open-source implementation of the stack.

The full attack does not succeed in our setting. The root cause for this failure is not any particular security feature of the protocol or the implementation, but a side-effect of a feature not related to security. We summarize the problems that we find in the protocol with respect to side-channel analysis, and suggest a range of countermeasures to prevent our attack and the other attack vectors we identified during the vulnerability analysis.

In general, we demonstrate that elaborate security mechanisms of Thread make a side-channel attack not trivial to mount. Similar to a modern software exploit, it requires chaining multiple vulnerabilities. Nevertheless, such attacks are feasible. Being perhaps too expensive for settings like smart homes, they pose a relatively higher threat to the commercial setting. We believe our experience provides a useful lesson to designers of IoT protocols and devices.

Category / Keywords: applications / mesh network, IEEE 802.15.4, AES-CCM, HMAC, DPA, DEMA

Original Publication (in the same form): IACR-CHES-2018

Date: received 17 Jan 2018

Contact author: dumitru-daniel dinu at uni lu

Available format(s): PDF | BibTeX Citation

Version: 20180118:125926 (All versions of this report)

Short URL: ia.cr/2018/076


[ Cryptology ePrint archive ]