Wireless Charging Power Side-Channel Attacks

Abstract

This paper demonstrates that today's wireless charging interface is vulnerable to power side-channel attacks; a smartphone that charges wirelessly leaks information about its activity to the wireless charger transmitter. We present a website fingerprinting attack and other preliminary attacks through the wireless charging side channel on iOS and Android devices. The website fingerprinting attack monitors the current draw of a wireless charger while the smartphone it charges loads a website from the Alexa top sites list. Our classifier identifies the website loaded on an iPhone 11 or a Google Pixel 4 with over 90% accuracy using wireless charging current traces. This attack represents a considerable security threat because wireless charging will always initiate when a compatible device is within the range of a charging transmitter. We find that the performance of the attack deteriorates as the contents of websites change over time. Additionally, this study finds that the wireless charging side channel is comparable to the wired USB charging side channel. Information leakage in both interfaces heavily depends on the battery level; minimal information leaks at low battery levels.