Screaming Channels is a project that investigates long-distance side-channel attacks on radio signals emitted by mixed-signal chips. Up to now, our best result is a full key recovery from 10 m (Bluetooth dongle, TinyAES 128, anechoic room). We make our setup and code public so that others can reproduce and improve our results.In a nutshell, Screaming Channels is based on these remarks:
LE MONDE, 25.07.2018, Les très indiscrètes puces des objets connectés
The Register, 27.07.2018, Boffins: Mixed-signal silicon can SCREAM your secrets to all
HACKADAY, 27.07.2018, Screaming Channels Attack RF Security
HACKADAY, 30.07.2018, Screaming Channels Attacks Against Mixed Signal Microcontrollers
SECURITY INFO, 31.07.2018, Attacco Screaming Channels: i dati si leggono anche a 10 metri
threatpost, 08.08.2018, Black Hat 2018: Mixed Signal Microcontrollers Open to Side-Channel Attacks
Compared to conventional Side Channels, the Screaming Channels leak is strong and broadcast over a potentially long distance by the radio. Hence the attribute Screaming, in contrast with the Whisper of conventional channels.