See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/320102039

Recovering AES-128 Encryption Keys from a Raspberry Pi

Conference Paper · September 2017

CITATIONS READS

5 2,825

2 authors:

Ibraheem Frieslaar Barry Irwin

Rhodes University Noroff University College
13 PUBLICATIONS 33 CITATIONS 173 PUBLICATIONS 757 CITATIONS

SEE PROFILE SEE PROFILE

Some of the authors of this publication are also working on these related projects:

Decentralised Identity View project

Network Traffic View project

All content following this page was uploaded by Ibraheem Frieslaar on 29 September 2017.

The user has requested enhancement of the downloaded file.

 Recovering AES-128 Encryption Keys from a
Raspberry Pi
Ibraheem Frieslaar∗ , † , 1 , Barry Irwin∗ , † , 2
∗ Department of Computer Science, Rhodes University, Grahamstown, South Africa.
† Council for Scientific and Industrial Research, Pretoria, South Africa.
1 ifrieslaar@csir.co.za,2 b.irwin@ru.ac.za
Abstract—This research is the first of its kind to perform
a successful side channel analysis attack on a symmetric en-
cryption algorithm executing on a Raspberry Pi. It is demon-
strated that the AES-128 encryption algorithm of the Crypto++
library is vulnerable against the Correlation Power Analysis
(CPA) attack. Furthermore, digital processing techniques such
as dynamic time warping and filtering are used to recovery the
full encryption key. In Addition, it is illustrated that the area
above and around the CPU of the Raspberry Pi leaks out critical
and secret information.
Index Terms—AES-128, Electromagnetic, Raspberry Pi, Side
Channel Analysis,
I. I NTRODUCTION
The growth of the Internet of Things (IoT) has driven
society to incorporate multiple devices into their daily lives.
These devices are located in homes, businesses, and even
entire cities. Although, this has enhanced user experience and
assisted in the comfort and ease of daily activities, it poses
a significant security threat. The vulnerabilities of these IoT
devices was demonstrated as they were used to carry out a
Distributed Denial of Service (DDoS) attacks on a French
hosting provider OVH [1]. Additionally, a DDoS attack was
carried out against DynDNS [2] which resulted in major
sites and services including GitHub, Reddit, PayPal, Amazon,
and thousands more to be inaccessible to billions of people
worldwide.
The urgency to protect our IoT devices has become imper-
ative as vulnerabilities will lead to critical information such
as credit card details, bank details, home security passwords
and much more being stolen and used in fraudulent activities.
Therefore, our digital transactions and activities needs to be
secured and protected.
Cryptographic applications has been introduced to secure
information. These applications obfuscate the information to
prevent the interception of private and critical data. Theo-
retically, cryptographic algorithms are mathematically secure.
However, the implementation of these algorithms are suscepti-
ble to side channel analysis (SCA) attacks. Traditionally, the
research community has focused on SCA attacks based on
smartcards, RFID tags, FPGAs and microcontrollers [3]–[5].
However, in the last few years a paradigm shift has unfolded
where the research community are targeting the vulnerabilities
of high powered devices such as laptops and smartphones
against SCA attacks [6]–[8].
This research investigates the susceptibility of a block-
cipher implementation on a high powered device against SCA
attacks. The investigation will focus on the Advanced Encryp-
tion Standard (AES) cryptographic algorithm of the Crypto++
library executing on a Raspberry Pi 2. This research is the
first of it’s kind to perform a SCA attack against the AES-
128 algorithm executing on a Raspberry Pi 2. Furthermore,
the following questions are highlighted:
1) How exposed is the implementation of the AES-128
encryption algorithm based on the Crypto++ library?
2) What physical channels can be used for the attacks?
3) Can existing SCA techniques be used to recover secret
information?
4) How expensive are such attacks, would cheap off the
shelf equipment be required?
The remainder of this paper is organized as follows: Sec-
tion II discusses research in the field of SCA attacks against
high powered devices; Section III details the methodology
of this research; followed by the results and analysis in
Section IV; finally the paper is concluded with a discussion
in Section V.
II. R ELATED W ORK
As mentioned in Section I SCA attacks on small embed-
ded devices has been extensively researched against various
cryptographic schemes, particular by utilising electromagnetic
(EM) emanations [3]–[5]. EM emanations are captured from
devices and subsequently used to retrieve the secret informa-
tion. An advantage of using EM measurements, is that it does
not require the attacker to have direct contact with the device.
Therefore, EM Attacks are less intrusive than the conventional
power analysis [3].
There has been various SCA attacks against PCs. These
attacks range from recovering secret keys from various cryp-
tographic algorithms such as RSA. ELGamal and ECDH [6],
[9], [10] . However, for this research the focus will remain
on SCA attacks against smartphones and ARM architectures.
Therefore, the rest of this section will detail the research
involving attacks against smartphones and ARM devices.
Aboulkassimi et al. [11] performed EM attacks on sym-
metric ciphers at a high bandwidth rate, i.e: capturing signals
at the device clock rate frequencies on a Java based cellphone.
Furthermore, Goller and Sigl [12] implemented attacks on the
RSA [13] public key algorithm on an Android smartphone
executing RSA.
 Nakano et al. [14] attacked an Android smartphone using
low frequency attacks. The smartphone ran at 832 MHz. Their
attacks focused on the RSA and Elliptic curve cryptography
(ECC) encryption implementations. Kenworthy and Rohatgi
achieved a non-invasive low-frequency attack against RSA
running various smartphones [15]. Due to security reasons,
they do not mention the make or model of the smartphones.
Furthermore, they demonstrated attacks against the ECC.
Belgarric et al. [7] and Genkin et al. [8] concurrently
introduced an invasive low frequency attack on the Elliptic
Curve Digital Signature Algorithm (ECDSA) implementation
of Android’s BouncyCastle library. A difference between the
two studies was that Belgarric et al. placed the magnetic
probe inside the smartphone where as Genkin et al. placed
the magnetic probe in close proximity of the device. Addi-
tionally, Genkin et al. demonstrated that they were able to
successfully recover the secret ECDSA signing keys from
OpenSSL running on an iOS devices and partial keys from
an Android device. Furthermore, they exhibit the ability to
recover the secret keys from Corebitcoin off an iOS device.
Their experimental setup comprised of cheap, compact and
easily available equipment such as sound cards and makeshift
electromagnetic probes
Balasch et al. demonstrated a Differential Power Analysis
(DPA) attacks against the bitsliced AES encryption algorithm
running on a BeagleBone Black ARM development board
[16]. The processor used was an ARM Cortex-A8 proces-
sor running at 1 GHz. The EM probe was placed over a
decoupling capacitor which was situated closely to the CPU.
Furthermore, Galea et al. performed a similar attack against
the device. However, their attacks were at lower frequencies
[17]. The results in these studies illustrates that symmetric key
encryption running on high powered devices are vulnerable to
SCA attacks. However, both studies physically glued the EM
probe onto the area of leakage and focused on specialised
hardware.
Based on the research discussed in this section. it is clearly
outlined that high powered devices are susceptible to SCA
attacks. The attacks against high powered devices are fairly
new and many cryptographic algorithms and hardware has
not been put under scrutiny based on SCA attacks. Therefore,
this research will be the first to take up the mantle to perform
SCA attacks against a Raspberry Pi executing a symmetric
encryption algorithm. Furthermore, this research will use
inexpensive and easily available equipment to capture EM
emanations.
III. M ETHODOLOGY
This section is separated in to three subsections which fo-
cuses on the data collection, attack procedure, and equipment
used in this research. Subsection III-A details the equipment
and parameters used to capture EM emanations from the
devices under attack; subsection III-B discusses the process
of collecting and processing the data; and finally subsection
III-C elaborates on the attack procedure to recover the secret
information.
A. Equipment
This research used two Raspberry Pi 2’s, a FUNcube
Dongle Pro+ which is a software defined radio (SDR) 1 , and a
electromagnetic (EM) probe. The first Raspberry Pi served as
the victim and the secondary Pi was the attacker. The Lubuntu
14.04 operating system and the Linux 3.18.0-20-rpi2 kernel
were used. The victim executed the AES-128 algorithm in the
Crypto++ library. No services were disabled on the device as
the objective was to keep the conditions close to a real world
scenario. However, the victim’s maximum CPU frequency
was set to 600 MHz. This prevents the CPU from using
internal step-up controls to adjust power and CPU frequency.
By keeping the CPU at a constant frequency it enabled the
research to capture signals at a fixed range, instead of scanning
between the 600 – 900 MHz. The research mentioned in
Section II also used a fixed frequency [9], [16].
No adjustments were made to the attackers CPU fre-
quency. The FUNcube dongle was inserted into a usb port
and GNURadio was used to interface with the device. The
attacker ran GNURadio to intercept the EM data from the
victim while it executed the encryption algorithm. GNU Radio
is a free software development toolkit that provides signal
processing blocks to implement software-defined radios and
signal-processing systems. Fig. 1 illustrates the setup of the
two Raspberry Pi’s, on the right is the attacker with the
FUNCube dongle and the EM probe connected to it. The EM
probe is placed over the CPU of the victim.
Fig. 1. The experimental setup of the two Raspberry Pi’s.
B. Data Collection and Processing
This subsection details the experimental setup in this re-
search. The setup procedure to recover the secret information
comprises of two stages. These two stages are the capture
data and analysis data phase.
Fig. 2. The signal as it is displayed through a fast Fourier transform (FFT).
While the victim executes the AES encryption algorithm
the attacker uses GNURadio to intercept the EM emanation
1 For a detailed specification list the reader is referred to http://www.
funcubedongle.com/?page id=1201
from the device. On each execution the attacker records
the telemetry. Each recording is captured at 384KHz. Fig
2 illustrates the raw signal after it was processed through
a Fast Fourier Transform (FFT). Fourier analysis converts
a signal from its original domain to the frequency domain.
Additionally, the amplitude of the frequency is represented
by the intensity of each point in the image.
The signal was passed through a low and high pass filter
with a cut off frequency of 25KHz and a transition width
of 15KHz. Furthermore, quadratic demodulating was applied
with a gain of one. Finally, an additional low pass filter is
used with a cutoff frequency of 37.5KHz and transition width
of 18.75KHz. Fig 3 illustrates a sample trace after digital
processing has been applied

Fig. 4. Flow diagram of the procedure to align the signal.

is sent to the resync phase, where peak detection and the

Fig. 3. A sample trace after digital processing has been applied.
Genkin et al. [8] mentioned in their work that they spent
thousand of hours attempting to find a perfect alignment for
the traces. They attempted multiple techniques and variations.
This research will follow a similar approach by segmenting
the traces and performing alignment techniques on the signals.
The procedure to align the traces is depicted in Fig. 4.
The first step is to segment the signal into three smaller
groups. Genkin et al. [8] mentions that it is easier to align
the signal when they are in a smaller state. The segmented
signals are aligned by using a technique known as Elastic
alignment. Elastic alignment attempts to align the signal based
on Dynamic Time Warping (DTW) [18].
DTW is used in speech recognition to align speech patterns.
The problem in speech recognition is when two similar
utterances with differences in timing needs to be aligned.
Sakoe et al. demonstrated that using dynamic programming
they were able to match these utterances using a nonlinear
time path [19]. The elastic alignment algorithm first computes
the DTW of the samples. Upon acquiring this information
the algorithm aligns the two signals. For a comprehensive
explanation of the elastic alignment technique, the reader is
referred to [18]. Research has shown that using this algorithm
significantly increases the success rate of a side channel attack
[5], [18]
Upon alignment the segmented signals are joined to form
one signal. The aligned data is sent to the attack procedure.
The attack procedure uses Correlation Power Analysis (CPA)
to recover the encryption keys. If the attack fails, the data
sum of absolute differences (SAD) techniques are used to
compensate for trigger jitter and phase shift. There are various
combinations that can be used to resync the data, examples
of a few possibilities is applying one layer of peak detection
and two layers SAD; three layers of peak detection and no
SAD; and so forth. Once resync has been applied the attack
procedure is carried out again.
Another scenario is to apply denoising before the first
attack or after resyncing. Alternatively, it can be applied after
the alignment. Savitzky and Golay (S&G) [20] digital filter
is used for denoising. Their research demonstrated that the
smoothing reduces noise while preserving the peaks in the
waveform [21]. Figure 5 depicts a comparison between the
original and signal and the signal after S&G filter has been
applied.
C. Attack Procedure
This section explains the attack procedure used in this
research to recover the secret key. This research uses the
CPA attack methodology. It has been well documented that
the Differential Power Analysis (DPA) is outperformed by the
CPA [22]. The DPA technique requires thousands of power
traces to retrieve the secret key whereas the CPA approach
only requires a few traces. The CPA approach is much faster
and more accurate than DPA since it looks at the correlation
between all the key guesses. For a detailed explanation of the
mathematical approach of the correlation equation the reader
is referred to [22].
To obtain the secret key from the AES-128 algorithm, four
steps were followed:
1) While the AES-128 algorithm was executing the en-
cryption algorithm, the EM traces along with its corre-

(a) Original Signal.
(b) Signal after digital processed
Fig. 5. A sample of the (a) The original signal and (b) the signal after S&G
filter has been applied.
sponding input text were captured;
2) The hamming weight power leakage model was imple-
mented where the guess of a key byte is used with a
known input text;
3) The correlation equation was implemented to run
through all the captured power traces;
4) A ranking procedure was created that predicted the most
likely key based on the correlation accuracy.
The AES-128 cryptographic algorithm is attacked at the
point the secret key is sent to the lookup table (S-Box). Upon
acquiring the EM traces (data), a power leakage model is
implemented with a guessing procedure. The system loops
through one subkey at a time and guesses every possible
outcome for that subkey. These guess values range from
0 – 255. The next phase is to calculate the corresponding
intermediate value of that guess. The value of each guess
is converted to its binary representation of the value, with
the total number of 1’s summed up to determine the weight.
This is referred to the hamming weight power model. It is
known that the encryption algorithm has 16 subkeys [23] and
since each subkey is attacked one at a time there is only 212
possibilities to predict the correct secret key. Furthermore,
to achieve a ranking system the correlation of each guess
is stored and the guess with the maximum correlation is
predicted to be the subkey.
IV. R ESULTS AND A NALYSIS
This section will elaborate on the experiments and results
carried out in this research. Based on the related studies
this research focused on placing the EM probe above the
CPU and voltage regulator. During the early experimental
phase the system was able to extract data from the voltage
regulator. However, the data was unusable for the attack
sequence. Furthermore, the system was able to recover usable
EM information from the CPU. Therefore in this section all
data acquired was from the EM emanations leaked out by the
CPU.
The first experiment was designed to determine if it was
possible to retrieve secret information from the EM ema-
nations leaked out of the CPU. The victim executed the
AES encryption 30 times while the attacker captured the EM
emanations. After each execution, there was a two second wait
period before the next execution took place. This is to cater
for the built in interrupt timers of the raspberry Pi. Once the
signal was demodulated, the data was used directly for the
CPA attack. Using the CPA attack the system was able to
retrieve one subkey.
Having obtained this information only elastic alignment
was applied to the 30 traces. The elastic alignment technique
depends on using one trace as a reference trace and dynamicly
aligning all traces to be similar to that of the reference trace.
The aligned data was used as input for the CPA attack. Since
the alignment is depending on the reference traces, the system
performed 30 CPA attacks by using each trace as a reference
on each CPA attack. This approach provided the recovery of
six subkeys of the required 16 subkeys. Furthermore, Table I
illustrates which subkey was recovered.
Taking into account that the system was able to retrieve
six subkeys based on elastic alignment alone, it is possible
to retrieve all the subkeys off the secret key if the data
was aligned perfectly. Therefore, the system was modified
to include additional digital processing techniques as seen in
Figure 4 and described in Section III.
The next experiment involved capturing a 100 new traces
and applying all the digital processing techniques mentioned
earlier. Empirically it was determined that separating the
signal into smaller segments would yield better results as the
elastic alignment does not have to focus on aligning the entire
signal but aligning smaller parts of the signal. Figure 6 depicts
the traces being separated into three smaller groups. Each
sample trace consists of 2500 points, thus the three groups
ranged from points 0 – 500, 501 – 1500, and 1502 – 2500.
Furthermore, Elastic alignment was applied to the segmented
signals, followed by the resync and denoise procedure.
Since the attack procedure allows to attack each subkey
individually the system was designed to apply the various
alignment techniques at different stages. Following this ap-
proach the system was able to successfully retrieve 12 of the
16 subkeys used by the AES-128 algorithm to encrypt data.
Fig 7 depicts the success ratio of the system. The success
ratio was calculated by dividing the recovered subkeys over
 TABLE I
T HE SIX SUBKEYS THAT WERE RECOVERED

Subkey
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
Recovered - Y - - Y Y - - Y - - - - Y Y -

Although only 12 of the 16 subkeys were recovered.

The remaining 4 subkeys was easily guessed by applying
brute force. Therefore, the attack procedure included a C++
program to guess the four remaining subkeys. Each subkey
has 256 possibilities, the permutation of the four subkeys
was generated and compared until the correct subkeys was
achieved. Furthermore, the remaining four subkeys were
(a) Segment 0 – 500. changed to determine the average time to obtain the correct
subkeys as keys change over time. Since this research knows
the secret key, it is trivial to stop searching for subkeys when
the correct subkey is retrieved. However, if the key was not
known, knowing when to stop searching becomes a daunting
task and is beyond the scope of this paper.
Table II indicates the time taken to recover the remaining
four subkeys. the table depicts the fastest, slowest and average

(b) Segment 501 – 1500. TABLE II

T IME TAKEN TO BRUTE FORCE FOUR SUBKEYS IN SECONDS .

Time (s)
Quickest 3.3
Mean 141.36
Slowest 362.3

time taken to guess the correct subkeys. The fastest time

(c) Segment 1501 – 2500.
required was 3.3 seconds, followed by the slowest time of
362.3 seconds. This resulted in an average time of 141.36
Fig. 6. The three separated signals ranging from points 0 – 500(a), 501 –
1500(b), and 1501 – 2500(c). seconds. In addition, it is noted that on most occasions the
time taken to recover the remaining subkeys was 58.5 seconds.

Clean 6.25% V. D ISCUSSION AND C ONCLUSION

Elastic Alignment 37.5% This research is the first to attack and successfully recover
AES-128 encryption keys off a Raspberry Pi by utilizing side
All Techniques 75%
channel techniques. The results indicates that the Raspberry Pi
was vulnerable to SCA attacks even though it is a complicated
0% 20% 40% 60% 80% 100% high powered device executing multi-cores with advance
Success Ratio power management.

Fig. 7. The success ratio of the CPA attack with the addition of various
alignment techniques.
the total subkeys The research was able to recover one subkey
without any digital modification. In addition, by applying
elastic alignment six subkeys were recovered, followed by
12 subkeys using all the techniques available. Although only
partial key recovery was achieved, it is possible to recover
the entire secret key when perfect alignment is achieved or
by using brute force. Additionally, Table III illustrates the
12 subkeys that was recovered. The subkeys 10 – 13 were
not recovered, thus reiterating the need to align the traces
perfectly in order to retrieve the remaining subkeys.
As mentioned in Section I IoT devices are at risk for
various attacks. These devices are not the only devices at
risks. Devices such as satellite TV are vulnerable as the
attacker could intercept and decrypt the signal using the
stolen encryption keys. The decrypted signal can be used
and distributed to others without paying, thus resulting in
companies loosing revenue. Furthermore, our cellphone calls
would also be exposed and leaked to various third parties if the
encryption keys were stolen. Services like pay-per-view and
video streaming would be susceptible as the attacker could
pretend to be the streamer and make millions of dollars. Since
the arrival of Digital Economy the use of IoT, smartphones
and other devices has expanded specifically to include tasks
such as banking, social networking, e-commerce and bitcoin
 TABLE III
T HE 12 SUBKEYS THAT WERE RECOVERED
1 2 3 4 5 6 7 8
Recovered Y Y Y Y Y Y Y Y
transactions on a regular basis Therefore, it is fundamentally
important to ensure that all devices are protected as a comprise
would lead to financial and socio-economic disaster.
This work has strongly answered the questions that was
set out in the Section I. The AES-128 encryption algorithm
of the Crypto++ library was shown to be vulnerable against
the CPA attack even when executing on a high powered device
such as a Raspberry Pi. Secondly, the area above and around
the CPU of the Raspberry Pi leaks out critical and secret
information. Furthermore, this research has demonstrated that
existing attacks and digital processing techniques can be
used to enhance and increase the attack accuracy. Finally,
the equipment used to carry out the attack was obtained at
relatively low cost of $200. Therefore, it was possible to steal
information using cheap and read available equipment from a
high powered device.
VI. F UTURE W ORK
Based on the results it is desired to create a system that
would automatically take the input data, apply alignment tech-
niques and perform attacks repeatedly until the entire secret
key is recovered such as [24]. Additionally, an evaluation
of microcontroller countermeasure should be carried out on
these high powered devices. Furthermore, newer models of
the Raspberry Pi should be investigated as well.
ACKNOWLEDGEMENT
This work was undertaken as part of the Distributed Multi-
media CoE at Rhodes University, with financial support from
the Information Security Competency Area within Modelling
and Digital Science at the CSIR, Telkom SA, Tellabs/ CO-
RIANT, Easttel, Bright Ideas 39, THRIP and NRF SA (UID
90243). The authors acknowledge that opinions, findings and
conclusions or recommendations expressed here are those of
the author(s) and that none of the above mentioned sponsors
accept liability whatsoever in this regard.
R EFERENCES
[1] P. Paganini, “Ovh hosting hit by 1tbps ddos attack.” [On-
line]. Available: http://securityaffairs.co/wordpress/51640/cyber-crime/
tbps-ddos-attack.html
[2] R. Button, “Dyn (dyndns) ddos attack.” [Online]. Available: http:
//www.red-button.net/blog/dyn-dyndns-ddos-attack/
[3] K. Gandolfi, C. Mourtel, and F. Olivier, “Electromagnetic analysis: Con-
crete results,” in International Workshop on Cryptographic Hardware
and Embedded Systems. Springer, 2001, pp. 251–261.
[4] T. Plos, M. Hutter, and M. Feldhofer, “Evaluation of side-channel
preprocessing techniques on cryptographic-enabled HF and UHF RFID-
tag prototypes,” in Workshop on RFID Security, 2008, pp. 114–127.
[5] I. Frieslaar and B. Irwin, “Investigating multi-thread utilization as a
software defence mechanism against side channel attacks,” in Proceed-
ings of the 8th International Conference on Signal Processing Systems.
ACM, 2016, pp. 189–193.
View publication stats
Subkey
9 10 11 12 13 14 15 16
Y - - - - Y Y Y
[6] D. Genkin, I. Pipman, and E. Tromer, “Get your hands off my
laptop: Physical side-channel key-extraction attacks on PCs,” Journal
of Cryptographic Engineering, vol. 5, no. 2, pp. 95–112, 2015.
[7] P. Belgarric, P.-A. Fouque, G. Macario-Rat, and M. Tibouchi, “Side-
channel analysis of weierstrass and koblitz curve ecdsa on an-
droid smartphones,” in Cryptographers Track at the RSA Conference.
Springer, 2016, pp. 236–252.
[8] D. Genkin, L. Pachmanov, I. Pipman, E. Tromer, and Y. Yarom, “Ecdsa
key extraction from mobile devices via nonintrusive physical side
channels,” in Proceedings of the 2016 ACM SIGSAC Conference on
Computer and Communications Security. ACM, 2016, pp. 1626–1638.
[9] D. Genkin, L. Pachmanov, I. Pipman, and E. Tromer, “Stealing keys
from PCs using a radio: Cheap electromagnetic attacks on windowed
exponentiation,” in International Workshop on Cryptographic Hardware
and Embedded Systems. Springer, 2015, pp. 207–228.
[10] ——, “ECDH key-extraction via low-bandwidth electromagnetic at-
tacks on PCs,” in Cryptographers Track at the RSA Conference.
Springer, 2016, pp. 219–235.
[11] D. Aboulkassimi, M. Agoyan, L. Freund, J. Fournier, B. Robisson, and
A. Tria, “Electromagnetic analysis (EMA) of software AES on Java
mobile phones,” in Information Forensics and Security (WIFS), 2011
IEEE International Workshop on. IEEE, 2011, pp. 1–6.
[12] N. Golyandina and A. Zhigljavsky, Singular Spectrum Analysis for time
series. Springer Science & Business Media, 2013.
[13] R. L. Rivest, A. Shamir, and L. Adleman, “A method for obtaining
digital signatures and public-key cryptosystems,” Communications of
the ACM, vol. 21, no. 2, pp. 120–126, 1978.
[14] Y. Nakano, Y. Souissi, R. Nguyen, L. Sauvage, J.-L. Danger, S. Guilley,
S. Kiyomoto, and Y. Miyake, “A pre-processing composition for secret
key recovery on android smartphone,” in IFIP International Workshop
on Information Security Theory and Practice. Springer, 2014, pp.
76–91.
[15] G. Kenworthy and P. Rohatgi, “Mobile device security: The case for
side channel resistance,” 2012.
[16] J. Balasch, B. Gierlichs, O. Reparaz, and I. Verbauwhede, “DPA,
bitslicing and masking at 1 GHz,” in International Workshop on
Cryptographic Hardware and Embedded Systems. Springer, 2015, pp.
599–619.
[17] J. Longo, E. D. Mulder, D. Page, and M. Tunstall, “SoC it to EM:
electromagnetic side-channel attacks on a complex system-on-chip,”
Cryptology ePrint Archive, Report 2015/561, 2015.
[18] J. G. van Woudenberg, M. F. Witteman, and B. Bakker, “Improving
differential power analysis by elastic alignment,” in Cryptographers
Track at the RSA Conference. Springer, 2011, pp. 104–119.
[19] H. Sakoe and S. Chiba, “Dynamic programming algorithm optimization
for spoken word recognition,” IEEE transactions on acoustics, speech,
and signal processing, vol. 26, no. 1, pp. 43–49, 1978.
[20] R. W. Schafer, “What is a savitzky-golay filter?[lecture notes],” IEEE
Signal processing magazine, vol. 28, no. 4, pp. 111–117, 2011.
[21] J. Chen, P. Jönsson, M. Tamura, Z. Gu, B. Matsushita, and L. Eklundh,
“A simple method for reconstructing a high-quality ndvi time-series data
set based on the savitzky–golay filter,” Remote sensing of Environment,
vol. 91, no. 3, pp. 332–344, 2004.
[22] E. Brier, C. Clavier, and F. Olivier, “Correlation power analysis with a
leakage model,” in International Workshop on Cryptographic Hardware
and Embedded Systems. Springer, 2004, pp. 16–29.
[23] H. C. Van Tilborg and S. Jajodia, Encyclopedia of cryptography and
security. Springer Science & Business Media, 2014.
[24] I. Frieslaar and B. Irwin, “Evaluating the multi-threading counter-
measure,” International Journal of Computer Science and Information
Security, vol. 14, no. 12, pp. 379–387, 2016.
Ibraheem Frieslaar is currently pursuing his PhD. in Computer Science
at Rhodes University. The focus of his research is signal intelligence and
cryptanalysis.
Barry Irwin is the founder and head of the Security and Networks Research
Group at Rhodes University. His research focuses on passive traffic analysis,
Internet background radiation, Web-based malware and national level cyber
defence.