@article{Ji2025IsYB,
  title={Is Your Bluetooth Chip Leaking Secrets via RF Signals?},
  author={Yanning Ji and Elena Dubrova and Ruize Wang},
  journal={IACR Cryptol. ePrint Arch.},
  year={2025},
  volume={2025},
  pages={559},
  url={https://api.semanticscholar.org/CorpusID:278151312}
}

A machine learning-assisted side-channel attack on the hardware AES accelerator of a Bluetooth chip used in millions of devices worldwide, ranging from wearables and smart home products to industrial IoT, can recover the full encryption key from 90,000 traces captured at a one-meter distance from the target device.

Non-Profiled Deep Learning-Based Side-Channel Attacks

This paper introduces a new method for applying Deep Learning techniques in a Non-Profiled context, where an attacker can only collect a limited number of side-channel traces for a fixed unknown key value from a closed device. It also introduces metrics based on Sensitivity Analysis that can reveal both the secret key value and points of interest.