Side Channel Analysis (SCA) attacks are commonly used for extracting the secret key of cryptographic engines found in modern devices. They exploit side channels, such as Timing, Power and Electromagnetic (EM) leaks, to obtain information about the secret key used by the cryptography algorithm. Even though these type of attacks were traditionally performed on smart cards, they are effective on embedded devices as well.
Even the strongest cryptography algorithms, such as AES, are susceptible to SCA attacks, especially if no countermeasures are in place. That’s why, Ledger Dojon’s discovery that the key used by the flash encryption feature of the ESP32 chip could be extracted through a power analysis attack, was not surprising. Nonetheless, their in-depth research is very cool and we definitely recommend to watch their Black Hat presentation and read their paper. Espressif released an advisory related to their research results.
Ledger’s research inspired us, especially because we use the ESP32 chip for our hardware security trainings, to break the hardware AES engine using a power analysis attack as well. The results of this activity are described in this blog post. Other interesting examples include SCA attacks on the iPhone (EM), Xbox 360 (Timing) and ARMv8 Cryptographic Extensions (CE) (EM).