Smartphones handle sensitive tasks such as messaging and payment and may soon support critical electronic identification through initiatives such as the European Digital Identity (EUDI) wallet, currently under development. Yet the susceptibility of modern smartphones to physical side-channel analysis (SCA) is underexplored, with recent work limited to pre-2019 hardware. Since then, smartphone system on chip (SoC) platforms have grown more complex, with heterogeneous processor clusters, sub 10 nm nodes, and frequencies over 2 GHz, potentially complicating SCA. In this paper, we assess the feasibility of electromagnetic (EM) SCA on a Raspberry Pi 4, featuring a Broadcom BCM2711 SoC and a Fairphone 4 featuring a Snapdragon 750G 5G SoC. Using new attack methodologies tailored to modern SoCs, we recover ECDSA secrets from OpenSSL by mounting the Nonce@Once attack of Alam et al. (Euro S&P 2021) and show that the libgcrypt countermeasure does not fully mitigate it. We present case studies illustrating how hardware and software stacks impact EM SCA feasibility. Motivated by use cases such as the EUDI wallet, we survey Android cryptographic implementations and define representative threat models to assess the attack. Our findings show weaknesses in ECDSA software implementations and underscore the need for independently certified secure elements (SEs) in all smartphones.

翻译：智能手机承担着即时通讯、支付等敏感任务，并有望通过正在开发的欧盟数字身份（EUDI）钱包等举措支持关键电子身份识别。然而，当前领域内针对现代智能手机物理侧信道分析（SCA）脆弱性的研究仍显不足，近期工作仅局限于2019年前的硬件。此后，智能手机系统级芯片（SoC）平台日趋复杂，采用异构处理器集群、制程节点低于10纳米、主频超过2GHz等架构特征，可能进一步增加SCA攻击的实施难度。本文针对搭载博通BCM2711 SoC的树莓派4B与搭载骁龙750G 5G SoC的Fairphone 4手机，评估了电磁（EM）侧信道攻击的可行性。通过采用适配现代SoC的新型攻击方法，我们利用Alam等人（Euro S&P 2021）提出的Nonce@Once攻击技术，成功恢复OpenSSL中的ECDSA密钥，并证实libgcrypt防御措施未能完全消除该威胁。我们通过案例研究揭示了软硬件堆栈对EM SCA可行性的影响机理。以EUDI钱包应用场景为驱动，我们系统梳理了Android密码学实现方式，构建代表性威胁模型以评估攻击效果。研究结果表明ECDSA软件实现存在安全缺陷，强调所有智能手机必须配备独立认证的安全元件（SE）。