Application of Profiled Analysis to ADC-Based Remote Side-Channel Attacks

Remote side-channel attacks are emerging attack vectors that allow attackers to perform side-channel attacks (SCAs) without gaining physical access to the target devices. In particular, remote SCAs using analog-to-digital converters (ADCs) pose a major threat to the embedded devices used in sensor networks. In a previous study, ADC-based SCAs were evaluated using a non-profiled attack technique called correlation power analysis (CPA), which recovers only six out of 16 bytes of Advanced Encryption Standard (AES)-128 keys among 10 million ADC traces. However, when the attack target is an embedded device or some other device that is readily available to attackers, more powerful profiled attacks should be evaluated. In this paper, we introduce a profiled analysis to an ADC-based SCA and show the successful recovery of all 16-byte AES-128 keys from approximately 300k ADC traces under the best measurement condition.