Description
Differential Electromagnetic Analysis (DEMA) is a sophisticated physical attack method that belongs to the broader category of side-channel attacks. Unlike traditional cryptanalysis that targets mathematical weaknesses in algorithms, DEMA exploits unintentional information leakage from the physical implementation of cryptographic systems. The technique specifically measures and analyzes the electromagnetic (EM) radiation emitted by integrated circuits, processors, or other hardware components while they perform cryptographic operations such as encryption, decryption, or digital signature generation. These emissions are correlated with the internal data being processed, including secret keys and intermediate values, allowing attackers to statistically deduce sensitive information.
The technical foundation of DEMA involves collecting electromagnetic traces using specialized equipment, typically a high-bandwidth oscilloscope coupled with a near-field EM probe positioned close to the target device. The probe captures the transient electromagnetic fields generated by current flows within the chip during computation. Multiple traces are recorded while the device processes known or chosen inputs. The attacker then applies statistical methods, most commonly Differential Power Analysis (DPA) techniques adapted for EM signals, to these traces. For each key hypothesis, a leakage model predicts how the measured signal should depend on the processed data; comparing those predictions against the actual EM measurements reveals the correct key as the hypothesis that produces the strongest correlation peak.
Within the 3GPP ecosystem, DEMA is particularly relevant for evaluating the security of Universal Integrated Circuit Cards (UICCs), including SIM cards, embedded SIMs (eSIMs), and the secure elements within User Equipment (UE) and network infrastructure. 3GPP specification TS 35.934 provides methodologies and requirements for testing resistance against such attacks. The analysis targets cryptographic algorithms standardized by 3GPP, such as the MILENAGE algorithm suite used in authentication and key agreement (AKA), as well as other symmetric and asymmetric algorithms implemented in hardware. A successful DEMA attack could compromise the long-term secret key (K) stored on the UICC, undermining the entire authentication framework of the network.
The role of DEMA in 3GPP security is primarily defensive: it establishes a critical evaluation criterion for hardware security modules, secure processors, and smart cards used in mobile networks. Manufacturers and certification bodies use DEMA testing, as outlined in TS 35.934, to assess the vulnerability of products before deployment. Countermeasures against DEMA include both hardware and software techniques. Hardware countermeasures involve circuit-level design such as power supply filters, electromagnetic shielding, balanced logic styles, and randomizing the execution timing of operations. Software countermeasures include algorithmic masking, where intermediate values are concealed with random data, and execution path randomization. Understanding and mitigating DEMA threats is essential for ensuring the end-to-end physical security of 5G and beyond networks, protecting user privacy and network integrity from determined physical attackers.
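The correlation step described in the technical foundation above, and the effect of the algorithmic masking countermeasure, can both be seen in a small evaluation harness. The following is an added example and not part of this page or of any 3GPP specification: it simulates leakage traces from a device computing a 4-bit S-box lookup (the PRESENT S-box stands in for the target cipher's nonlinear layer; the key nibble, the Hamming-weight leakage model and the noise level are all constructed assumptions), then ranks key hypotheses by correlation for an unmasked and a Boolean-masked implementation.

```python
import random
from statistics import mean, pstdev

# Constructed stand-in for a cipher's nonlinear layer (the PRESENT 4-bit S-box);
# an evaluator would substitute the target algorithm's own intermediate.
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD, 0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]
KEY = 0xB  # assumed secret nibble held by the simulated device

def hw(v):
    return bin(v).count("1")

def simulate_traces(n, key, masked, noise=1.0, seed=1):
    """Return (inputs, samples): one leakage sample per known input.
    Leakage model: Hamming weight of the S-box output plus Gaussian noise.
    With masked=True the device processes S(p ^ k) XOR m for a fresh random
    mask m, so the leaked value no longer depends on the unmasked intermediate."""
    rng = random.Random(seed)
    inputs, samples = [], []
    for _ in range(n):
        p = rng.randrange(16)
        y = SBOX[p ^ key]
        if masked:
            y ^= rng.randrange(16)
        inputs.append(p)
        samples.append(hw(y) + rng.gauss(0, noise))
    return inputs, samples

def pearson(xs, ys):
    mx, my = mean(xs), mean(ys)
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys)) / len(xs)
    sx, sy = pstdev(xs), pstdev(ys)
    return 0.0 if sx == 0 or sy == 0 else cov / (sx * sy)

def rank_hypotheses(inputs, samples):
    """Correlate the measured samples with the predicted Hamming weight for
    every key nibble; returns (|r|, k) pairs sorted best-first."""
    scores = []
    for k in range(16):
        predicted = [hw(SBOX[p ^ k]) for p in inputs]
        scores.append((abs(pearson(predicted, samples)), k))
    return sorted(scores, reverse=True)

def evaluate(masked, n=2000):
    """Evaluation verdict: does first-order correlation single out the key?"""
    inputs, samples = simulate_traces(n, KEY, masked)
    (best_r, best_k), (second_r, _) = rank_hypotheses(inputs, samples)[:2]
    return {"best_key": best_k, "best_r": best_r, "margin": best_r - second_r}

if __name__ == "__main__":
    for masked in (False, True):
        print("masked" if masked else "unmasked", evaluate(masked))
```

With the constructed parameters the unmasked run ranks the true key first with a correlation near 0.7, while the masked run leaves every hypothesis near zero, which is the outcome a test lab looks for when judging a countermeasure against first-order analysis.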
Purpose & Motivation
DEMA, as a concept defined and addressed within 3GPP standards, exists to proactively identify and mitigate a critical class of physical security threats against mobile network infrastructure and user devices. Prior to the formal recognition of such side-channel attacks, security evaluations primarily focused on logical and protocol-level vulnerabilities. The mathematical strength of cryptographic algorithms like AES or the MILENAGE suite was considered sufficient. However, real-world implementations in silicon were found to leak information through physical channels like power consumption, timing, and electromagnetic emissions. This created a significant gap between theoretical and practical security, allowing attackers with physical access to bypass strong cryptography by measuring these unintended side effects.
The specific problem DEMA addresses is the extraction of secret cryptographic keys from hardware security modules, SIM cards, and baseband processors through non-invasive means. An attacker does not need to depackage the chip or use expensive focused ion beam equipment; they can simply place a probe near the device during operation. This makes the attack feasible for a wider range of adversaries. The motivation for its inclusion in 3GPP standards (TS 35.934) was driven by the increasing value of mobile communications, the rise of mobile financial services, and the need for robust device identity and authentication in the IoT era. If the foundational secret key on a SIM or TPM can be cloned via DEMA, it compromises user identity, allows for network fraud, and undermines the trust in mobile networks as a platform for critical services.
Historically, the limitations of previous security approaches were their abstraction away from physical reality. Standards assumed a 'black box' model where the algorithm was executed perfectly in isolation. DEMA and related side-channel analyses demonstrated that the implementation is part of the security perimeter. By standardizing the attack methodology (DEMA) in Rel-12, 3GPP provided a common framework for vendors, test labs, and operators to evaluate resistance, leading to more secure hardware designs. This was particularly important as networks evolved towards 5G, requiring stronger assurance for network slicing, massive IoT, and ultra-reliable low-latency communications, all of which depend on tamper-resistant secure elements.
Key Features
- Non-invasive attack technique requiring physical proximity but not device destruction
- Exploits correlation between electromagnetic emanations and internal data processing
- Targets hardware implementations of 3GPP cryptographic algorithms (e.g., MILENAGE, AES)
- Utilizes statistical differential analysis on collected EM trace data
- Defined for security evaluation and testing per 3GPP specification TS 35.934
- Drives the implementation of hardware and software countermeasures in secure chips
Evolution Across Releases
Rel-12: Introduced DEMA as a formalized security evaluation methodology within 3GPP TS 35.934. This release established the foundational framework for testing the resistance of UICC (SIM) and UE hardware against differential electromagnetic analysis attacks. It defined the basic attack model, measurement setups, and analysis techniques targeting the confidentiality of long-term cryptographic keys (K) used in authentication algorithms.
Defining Specifications
| Specification | Title |
|---|---|
| TS 35.934 | 3GPP TR 35.934 |