How can I recognize the several phases in 3G procedures from a power signal trace?
The first thing to do is find the I/O. It can be recognized by the baud rate of the I/O bits (93 microseconds per bit). Next, try to explain the remarkable parts of the trace between input and output.

Things that you might see by visual inspection:
• EEPROM writing, which usually takes 1 to 10 µs (microseconds).
• Cryptographic operations. The duration depends on the cryptography; a hardware DES usually takes a few µs.
• Switching of the clock frequency, which could be observed in the spectrum.
• Switching a noise generator or charge pump on or off. Switching on a noise generator would increase the overall power consumption.

Typical security procedures in 3G are:
• Card management with the ENVELOPE command. This involves the use of 3DES several times.
• Network authentication (often prior to a call). This most likely involves the use of AES several times.
• Applet operation. This could relate to a security-sensitive applet, e.g. an e-purse. The crypto could be any algorithm.
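The first step above (locate the I/O by its 93 µs bit period, then look at what lies between input and output) can be sketched as follows. This is an added example, not code from the original page or any tool it refers to. It assumes the I/O shows up as a clean two-level pattern after thresholding; the function names, tolerance, and the sample trace are constructed for illustration.

```python
BIT_US = 93.0  # I/O bit period given in the text above

def edges(samples, threshold):
    """Sample indices where the thresholded signal changes level."""
    levels = [s > threshold for s in samples]
    return [i for i in range(1, len(levels)) if levels[i] != levels[i - 1]]

def fits_bit_clock(gap_us, tol=0.1, max_bits=12):
    """True if an edge-to-edge gap is close to a whole number of bit periods."""
    n = round(gap_us / BIT_US)
    return 1 <= n <= max_bits and abs(gap_us - n * BIT_US) <= tol * BIT_US

def find_io_bursts(samples, sample_us, threshold=0.5, min_edges=4):
    """(first_edge_us, last_edge_us) for each run of edges on the 93 us grid."""
    bursts, run = [], []
    for idx in edges(samples, threshold):
        t = idx * sample_us
        if run and not fits_bit_clock(t - run[-1]):
            if len(run) >= min_edges:      # enough edges to call it I/O
                bursts.append((run[0], run[-1]))
            run = []
        run.append(t)
    if len(run) >= min_edges:
        bursts.append((run[0], run[-1]))
    return bursts

def processing_windows(bursts):
    """Gaps between consecutive I/O bursts: the part of the trace to explain."""
    return [(a[1], b[0]) for a, b in zip(bursts, bursts[1:])]

def constructed_trace():
    """Constructed two-level trace at 1 sample/us: input, processing, output."""
    def frame(bits):
        return [float(b) for b in bits for _ in range(93)]
    idle = [1.0] * 400
    command = frame([0, 1, 0, 1, 1, 0, 0, 1, 0, 1])
    # Activity that is not on the bit clock (stands in for EEPROM/crypto work).
    work = [1.0] * 300 + [0.0] * 17 + [1.0] * 40 + [0.0] * 23 + [1.0] * 500
    response = frame([0, 0, 1, 0, 1, 1, 1, 0, 1, 1])
    return idle + command + work + response + [1.0] * 200

if __name__ == "__main__":
    bursts = find_io_bursts(constructed_trace(), sample_us=1.0)
    print("I/O bursts (us):", bursts)
    print("windows to inspect (us):", processing_windows(bursts))
```

A measured power trace would need filtering and a threshold chosen from the data before the edge spacing is this clean.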