SCA-Pitaya: A Practical and Affordable Side-Channel Attack Setup for Power Leakage--Based Evaluations

Athough side-channel attacks appeared more than two decades ago, they remain very little discussed by security professionals outside the academia or very specific sectors (e.g., smartcard industry, governments). However, with the increasing generalisation of Internet of Things systems, they are a threat that can no longer be ignored by the operational world. This work aims to demonstrate that side-channel attacks can be practically achieved by an attacker, with reasonable means, effort, knowledge, and time. For this purpose, the contribution of this work is twofold. First, it is shown how a side-channel attack setup exploiting power leakages through electro-magnetic radiations, and making use of general-purpose and affordable equipment, can be built. The acquisition of attack power traces is made thanks to a Red Pitaya STEMlab platform coupled with a home-built radio front-end. Second, it is shown how an attack can be conducted against targets that are representative of Internet of Things devices: 8-bit and 32-bit Arduino boards.