How To Steal Secret Crypto-Keys From PCs Using Leaked Radio Emissions


Computer scientists from Tel Aviv University have built equipment that lets an attacker steal private decryption keys from PCs within seconds by measuring the electromagnetic emissions given off while the machine decrypts a chosen ciphertext.

In the research paper titled "Stealing Keys from PCs using a Radio: Cheap Electromagnetic Attacks on Windowed Exponentiation", the researchers explain how the equipment extracts crypto keys from these electromagnetic emissions.

From their abstract:

We demonstrate the extraction of secret decryption keys from laptop computers, by non-intrusively measuring electromagnetic emanations for a few seconds from a distance of 50 cm. The attack can be executed using cheap and readily-available equipment: a consumer-grade radio receiver or a Software Defined Radio USB dongle. The setup is compact and can operate untethered; it can be easily concealed, e.g., inside pita bread. Common laptops, and popular implementations of RSA and ElGamal encryptions, are vulnerable to this attack, including those that implement the decryption using modern exponentiation algorithms such as sliding-window, or even its side-channel resistant variant, fixed-window (m-ary) exponentiation.
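The abstract's claim that even fixed-window exponentiation is exposed comes down to one fact: the square/multiply pattern is fixed, but the operand of each multiplication is selected by secret key bits. The added Python example below (my own illustration, not code from the paper or the article, using toy RSA parameters I constructed and a deliberately simplified leakage model in which the observer learns the multiplication operands) shows how those operands map back to the exponent when the ciphertext is attacker-chosen, and how ciphertext blinding, a standard countermeasure the article does not describe, breaks that mapping.

```python
import math
import secrets

# Toy RSA parameters, constructed for illustration only (textbook-sized values).
P, Q = 61, 53
N, E = P * Q, 17
D = pow(E, -1, (P - 1) * (Q - 1))   # 2753

def fixed_window_pow(base, exp, mod, w=2, trace=None):
    """Left-to-right fixed-window (m-ary) exponentiation. The square/multiply
    pattern is identical for every exponent of a given length, but each
    multiply's operand is table[window], selected by w secret exponent bits.
    `trace` records those operands: a simplified stand-in for a side channel
    that can tell operand values apart (an assumption of this example)."""
    table = [pow(base, i, mod) for i in range(1 << w)]
    acc, nwin = 1, (exp.bit_length() + w - 1) // w
    for i in reversed(range(nwin)):
        for _ in range(w):
            acc = acc * acc % mod
        window = (exp >> (i * w)) & ((1 << w) - 1)
        acc = acc * table[window] % mod        # operand value depends on the key
        if trace is not None:
            trace.append(table[window])
    return acc

def exponent_from_operands(operands, base, mod, w=2):
    """Leakage model only: an observer who chose `base` can rebuild the table
    and map each leaked operand back to its window. Returns None when an
    operand is not a table entry, which is exactly what blinding causes."""
    table = [pow(base, i, mod) for i in range(1 << w)]
    exp = 0
    for op in operands:
        if op not in table:
            return None
        exp = (exp << w) | table.index(op)
    return exp

def blinded_decrypt(c, d, e, n, trace=None):
    """Ciphertext blinding (standard countermeasure, not from the article):
    exponentiate c * r^e for a fresh secret r, so every operand is derived
    from a value the observer does not know, then strip r from the result."""
    while True:
        r = secrets.randbelow(n - 2) + 2
        if math.gcd(r, n) == 1:
            break
    m_blind = fixed_window_pow(c * pow(r, e, n) % n, d, n, trace=trace)
    return m_blind * pow(r, -1, n) % n
```

With the unblinded call the recorded operands reproduce D exactly; with blinding the same observer gets operands from an unknown table and recovers nothing useful, while the decrypted message is unchanged.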

The Tel Aviv University researchers used a Funcube Dongle Pro+ software-defined radio, hooked up to a small Android embedded computer called the Rikomagic MK802 IV, to measure emissions between 1.6 and 1.75 MHz.

The researchers say that the attack can also be mounted using a standard AM radio, with the output audio recorded by a smartphone.

Since computers are usually juggling multiple tasks at the same time, such attacks are not fully reliable: electromagnetic noise from other running tasks can ruin an attempt to extract the private key.
