Security of RF devices

Information systems are now massively integrated into both industry and administration processes. Thus, their security is matter of importance especially when considering the storing and exchange of sensitive data. Sensitive data is also called “red” data, in opposition with the non-sensitive (or protected by encryption) “black” data. This crucial challenge is present at multiple scales, and leads to the emergence of different security fields linked to data protection (defense protocols) and to data interception (attack protocols)

Since few years, a new threat has emerged with the detection of the red data due to unwanted phenomena. This attack is done trough an over the air interception and thus is difficult to detect. These kind of attacks (called TEMPEST attacks by the NSA) consist in detecting an hidden channel that bear the sensitive information and then decode the “red” information . This unwanted channel may exist due to different physical phenomena such as electro-magnetic coupling, radio frequency leakages, or mechanical mechanisms.

In GRANIT team we have a strong interest on these kind of thread among two main axis:
– We make thorough analysis on some potential security beaches on existing standards (Bluetooth, Zigbee…) and boards (System On Chips)
– We also conduct studies and analysis on how Software Defined Radio (SDRs) can increase the criticality of TEMPEST attacks making discrete, compact, long range interception devices handy. On this particular aspects, efficient use of SDR is of importance due the large bandwidths and the harsh real time constraints encountered.

Some key publications :

[1] C. Lavaud, R. Gerzaguet, M. Gautier, O. Berder, E. Nogues, S. Molton, Whispering devices: A survey on how side-channels lead to compromised information, Journal Hardware and Systems Security, Springer, 2021.

[2] C. Lavaud, R. Gerzaguet, M. Gautier, O. Berder, AbstractSDRs: Bring down the two-language barrier with Julia Language for efficient SDR prototyping, IEEE Embedded Systems Letters, Institute of Electrical and Electronics Engineers, 2021, pp.1-1.

Comments are closed.