Screaming Channels is a project that investigates long-distance side-channel attacks on radio signals emitted by mixed-signal chips. Up to now, our best result is a full key recovery from 10 m (Bluetooth dongle, TinyAES 128, anechoic room). We make our setup and code public so that others can reproduce and improve our results.In a nutshell, Screaming Channels is based on these remarks:
Full key recovery now working from 10 m in an anechoic room (Bluetooth dongle, TinyAES 128).
Giovanni Camurati and Marius Muench presented the Screaming Channels project at Black Hat USA 2018, on August 9 afternoon in Las Vegas (USA).
Giovanni Camurati presented Screaming Channels at ACM CCS 2018.
Sebastian Poeplau presented Screaming Channels at CSAW 2018 and won the 3rd place at CSAW Europe 2018 Applied Research Competition.
Marius Muench presented Screaming Channels at GreHack 2018.
Giovanni Camurati presented Screaming Channels at RESSI 2019
Giovanni Camurati presented Screaming Channels at Journée thématique « Sécurité des systèmes électroniques et communicants » 21 mai 2019, Paris – Jussieu
LE MONDE, 25.07.2018, Les très indiscrètes puces des objets connectés
The Register, 27.07.2018, Boffins: Mixed-signal silicon can SCREAM your secrets to all
HACKADAY, 27.07.2018, Screaming Channels Attack RF Security
HACKADAY, 30.07.2018, Screaming Channels Attacks Against Mixed Signal Microcontrollers
SECURITY INFO, 31.07.2018, Attacco Screaming Channels: i dati si leggono anche a 10 metri
threatpost, 08.08.2018, Black Hat 2018: Mixed Signal Microcontrollers Open to Side-Channel Attacks
Compared to conventional Side Channels, the Screaming Channels leak is strong and broadcast over a potentially long distance by the radio. Hence the attribute Screaming, in contrast with the Whisper of conventional channels.