Privacy Leakage in Wireless Charging
Jianwei Liu, Xiang Zou, Leqi Zhao, Yusheng Tao, Sideng Hu, Jinsong Han, Kui Ren
Abstract
Wireless charging is becoming an essential power supply pattern for electronic devices. Currently, mainstream smartphones are almost compatible with wireless charging. However, when the charging efficiency is continuously improved, its security challenge still remains open yet overlooked. In this paper, we reveal that severe security flaws exist in the wireless charging procedure of off-the-shelf commodity smartphones. Specifically, we find that an attacker can utilize the electromagnetic induction effect between the wireless charger and the smartphone to detect the activities and operations performed on the smartphone. We term such attack as <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">EM-Surfing</i> side-channel attack and build a theoretical model to show its feasibility. To explore the hazard of <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">EM-Surfing</i> , we propose a three-module attack method, with which we conduct real-world experiments over three mainstream models of smartphones. The results show that the attacker can achieve over 99%, 96%, 94%, and 97% accuracy when inferring the passcode, keystroke, App information, and speech content, respectively. We also design an App named <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">SecCharging</i> to prevent smartphones from <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">EM-Surfing</i> attacks. The defense experiment results demonstrate that <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">SecCharging</i> can mitigate the threats posed by <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">EM-Surfing</i> effectively.