Wireless Charging Power Side-Channel Attacks.

This paper shows that today's wireless charging interface is vulnerable to power side-channel attacks; a smartphone charging wirelessly leaks private information about its activity to the wireless charger (charging transmitter). We present a website fingerprinting attack through the wireless charging side-channel for both iOS and Android devices. The attack monitors the current drawn by the wireless charging transmitter while 20 webpages from the Alexa top sites list are loaded on a charging smartphone. We implement a classifier that correctly identifies unlabeled current traces with an accuracy of 87% on average for an iPhone 11 and 95% on average for a Google Pixel 4. This represents a considerable security threat because wireless charging does not require any user permission if the phone is within the range of a charging transmitter. To the best of our knowledge, this work represents the first to introduce and demonstrate a power side-channel attack through wireless charging. Additionally, this study compares the wireless charging side-channel with the wired USB charging power side-channel, showing that they are comparable. We find that the performance of the attack deteriorates as the contents of websites change over time. Furthermore, we discover that the amount of information leakage through both wireless and wired charging interfaces heavily depends on the battery level; minimal information is leaked at low battery levels.