We trust our smartphones with many secrets. We also allow them to make many important decisions for us. To protect the confidentiality of these secrets and the integrity of these decisions, the phone’s software imposes very strict limitations on what kinds of data can enter and exit the phone, and what sort of trust and privilege is given to each of the phone’s installed applications.
A smartphone, however, is not just an abstract piece of software, but rather a complicated physical device with many hardware components and sensors. Attacks which target the physical implementation of the phone, instead of its software, have the potential of severely compromising the phone’s confidentiality and integrity.
For example, mobile phones are often dropped, shattering their screens. We show how a replacement touchscreen can install malicious software, steal passwords, and even completely “root” a phone, letting the attacker execute privileged operations. All of these feats are possible even if no software is installed on the phone other than its factory default firmware. We show how a phone’s protective case can snoop after a user’s interaction with the touchscreen, even if it is not connected to the phone in any way. We also show how a protective case can use the phone’s transmitter to exfiltrate data.
Protecting the phone from these attacks is an interesting challenge, and the talk will conclude with some ideas in this direction. We will also show a constructive use for one of our attacks.
Joint work with Benyamin Farshteindiker, Omer Shwartz, Amir Cohen, Tomer Gluck, Gal Shitrit, Nir Hassidim, Asaf Grosz, Rami Puzis and Asaf Shabtai.
Yossi Oren is a senior lecturer (assistant professor) at the Department of Software and Information Systems Engineering in Ben Gurion University, and a member of BGU's Cyber Security Research Center. Prior to joining BGU, Yossi was a post-doctoral research scientist in the Network Security Lab at Columbia University in New York and a member of the security lab at Samsung Research Israel. He holds a Ph.D. in Electrical Engineering from Tel-Aviv University, and an M.Sc. in Computer Science from the Weizmann Institute of Science.
His research interests include implementation security (power analysis and other hardware attacks and countermeasures; low-resource cryptographic constructions for lightweight computers) and cryptography in the real world (consumer and voter privacy in the digital era; web application security).