The past decade has seen the rapid deployment of mobile devices with densely packaged system-on-chips (SoCs) with multi-core, high-frequency CPUs and complex pipelines. In parallel, sophisticated SoC-assisted security mechanisms, such as trusted execution environments (TEEs), full-disk and file-based encryption, have also been deployed for protecting sensitive data. Both advancements have dramatically complicated the use of physical attacks, which has recently led to the development of specialised attack methods. In this survey, we consolidate recent developments in physical fault injections (FIAs) and side-channel attacks (SCAs) on modern mobile devices. In total, we comprehensively survey over 50 fault injection and side-channel attack papers published between 2009-2021. We evaluate the prevailing attack methods, compare existing attacks using a common framework, identify several challenges and shortcomings, and suggest future directions of research.
翻译:在过去的十年中,快速部署了具有高压、高频CPU和复杂管道的密集包装系统芯片移动装置(SoCs),同时,还部署了先进的 SoC辅助安全机制,如可信赖的执行环境(TEEs)、全盘和基于文件的加密,以保护敏感数据;这两种进展都使使用人身攻击极为复杂,最近导致专门攻击方法的开发;在这次调查中,我们综合了对现代移动装置的人身过错注射和侧通道攻击的最新发展情况;我们总共全面调查了2009至2021年期间公布的50多份过失注射和侧道攻击文件;我们评估了当前的攻击方法,利用共同框架比较了现有的攻击方法,找出了一些挑战和缺点,并提出未来研究方向。
相关内容
微信扫码咨询专知VIP会员