It depends what sort of side channel attacks you are worried about and what sort of crypt algorithms you are using.
My knowledge area is cache based side channel attacks. 1. ARM chips use trustzone which claims it prevents cache based side channel attacks when running in secure mode but probably amplifies them (I found this on a set of slides a crypto class a professor had put up on the web a few years back but have not verified it myself). 2. ARM v8 has the AES instruction set which you should use, some mobile libraries may not use so check your library. 3. Timers on ARM chips don't have the same resolution as timers on x86 so cache based attacks are very possible but harder. Other than using the AES instruction set which should completely mitigate the risk of cache based side channel attacks against an AES key I am not sure there is much else you can do. Noise can always be averaged away. On Fri, Mar 8, 2013 at 2:57 AM, ianG <[email protected]> wrote: > Has anyone done any side channel analysis on phones? > > I'm working on an android crypto app at the moment, and an unanswered > question from the threat model is how to limit the possibilities of > attacking the keys from another app. I can see obvious techniques of > adding additional camouflage crunching and delays, but as there might be > smart apps sitting right there in another sandbox, it seems intuitively > that just adding noise isn't going to cut it. > > iang > ______________________________**_________________ > cryptography mailing list > [email protected] > http://lists.randombit.net/**mailman/listinfo/cryptography<http://lists.randombit.net/mailman/listinfo/cryptography> >
_______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
