Breaking Confidentiality of XTS-AES Encrypted Data at Rest on Microprocessors using Electromagnetic Side-Channel Attacks

Krüger P, Wildermann S, Teich J (2025)

Publication Language: English

Publication Type: Conference contribution, Conference Contribution

Publication year: 2025

Event location: San Jose US

Abstract

Protecting the confidentiality of data at rest is a crucial concern for both individuals and organizations.
While the XTS-AES encryption algorithm is commonly used to provide such protection, it was shown that Side-Channel Analysis (SCA) poses a threat to the confidentiality of the protected data.
However, the attacks on software-based XTS-AES proposed in previous work focused on implementations for simple microcontrollers under idealized assumptions, but are not applicable on processor systems where branch predictors, caches, and operating systems introduce systemic noise to the side-channel signal.
This paper discusses the challenges faced in SCA when the side-channel information is affected by such systemic noise and presents an end-to-end EM side-channel attack workflow to recover the XTS-AES key despite such noise and enable the decryption of protected data.
After data acquisition, the resulting trace data, which may still be incomplete or error-prone due to systemic noise, is fed into our proposed attack flow targeting the individual cryptographic operations of XTS-AES:
Our methodology applies timing analysis and profiling-based techniques in combination with an ASCA-based error correction to break the masking operations, and uses CPA to attack the AES encryption operations.
Our side-channel attack approach is evaluated considering different implementations of the individual cryptographic operations using real EM side-channel traces captured from a BeagleBone Black SoC, with the application practicality of our attack being discussed based on the results.

Authors with CRIS profile

Paul Krüger Graduiertenkolleg 2475/2 - Cyberkriminalität und Forensische Informatik Stefan Wildermann Lehrstuhl für Informatik 12 (Hardware-Software-Co-Design) Jürgen Teich Lehrstuhl für Informatik 12 (Hardware-Software-Co-Design)

Related research project(s)

Cybercrime and Forensic Computing -- Hardware Security (GRK 2475) GRK2475: Cyberkriminalität und Forensische Informatik Oct. 1, 2019 - Oct. 1, 2028 GRK2475: Cyberkriminalität und Forensische Informatik (GRK 2475) Oct. 1, 2019 - Sept. 30, 2028

How to cite

APA:

Krüger, P., Wildermann, S., & Teich, J. (2025). Breaking Confidentiality of XTS-AES Encrypted Data at Rest on Microprocessors using Electromagnetic Side-Channel Attacks. In Proceedings of the IEEE International Symposium on Hardware Oriented Security and Trust (HOST). San Jose, US.

MLA:

Krüger, Paul, Stefan Wildermann, and Jürgen Teich. "Breaking Confidentiality of XTS-AES Encrypted Data at Rest on Microprocessors using Electromagnetic Side-Channel Attacks." Proceedings of the IEEE International Symposium on Hardware Oriented Security and Trust (HOST), San Jose 2025.

BibTeX: Download