CAPEC-625: Mobile Device Fault Injection
CAPEC Version: 3.9
Last Updated: 2023-01-24
Attack Pattern Description
Fault injection attacks against mobile devices use disruptive signals or events (e.g., electromagnetic pulses, laser pulses, clock glitches) to cause faulty behavior. When performed in a controlled manner on devices performing cryptographic operations, this faulty behavior can be exploited to derive secret key information. Although this attack usually requires physical control of the mobile device, it is non-destructive, and the device can be used after the attack without any indication that secret keys were compromised.
Skills Required
Consequences
Scope: Confidentiality, Access Control
Technical Impact: Read Data
Note: Extract long-term secret keys (e.g., keys used for VPN or WiFi authentication and encryption) to enable decryption of intercepted VOIP traffic.
Mitigations
Strong physical security of all devices that contain secret key information (even when devices are not in use).
Frequent changes to secret keys and certificates.