Breaking RSA Keys by Listening to Your Computer
An anonymous reader writes "Adi Shamir and crew gave a talk on preliminary results in extracting a private RSA key just by listening to the computer! Similar to power analysis and LED leakage, this is a non-invasive, side channel attack that may have applications to tamper-resistant systems. It appears to be related to noisy capacitors on the motherboard, an effect which has been observed when CPU power saving is enabled on laptops."
The following demonstrates some preliminary results in the analysis of acoustic emanations from personal computers, showing them to be a surprisingly rich source of information on CPU activity.
Does it mean that people can get my private key by actually "listening" to my box? It would be great if anyone can provide more information regarding this. It's kinda freaky!!!
Wouldn't it just be easier to use money/women/men/donkeys to bribe the person to cough up a password?
I guess you could always "bug" a place, but if you were significantly paranoid about security (to the point where someone would try to listen your key away from you) wouldn't you have a copper cage around your building?
The article does not deal with actually computing the encoding (Pe) and decoding functions (Pd) for q,n,d. Where q,n are unique primes. The only thing their interference spotted is the markings between computing each function for the signature, and this drastically varies based on the machine. They do have a Proof of Concept, but no quantifiable data.
My $0.02.
artlu
-------
artlu.net
schmuck
"...For example, a high-quality analog equalizer can be used to attenuate strong low-frequency fan hums and background noise..."
taken from the article.
you'd need background noise in the same frequency area (dummy CPU ?)
As much as this technology is a risk and therefore a potential threat, unless you are of the really paranoid (which would mean this interests you considerably) there are far easier ways of attacking a computer.
:)
This attack came to show how to attack the key, which is why it interests these folks, I suppose, but it would be much easier to use TEMPEST if you get access to actually install some tool to hear && (record || transmit) the audio.
I would suggest TEMPEST would also be more reliable, but some testing is in order, as well as a lot of research for every CPU you intend to attack.
Cost vs. benefit? I can't really see it.
This is pretty cool though!!
(adding another mark on my paranoia list).
What a ridiculous load of bunk. You cannot possibly use audio frequencies to infer any meaningful information about what's happening on a processor running at 1,000 MHz or higher clock speeds. Repetitive sampling techniques would be necessary, and I don't think anyone's key-generation algorithm is going to sit in a tight loop, doing the exact calculations over and over for the weeks of wall-clock time it would take to sample any actual key data by acoustical means.
All this article "proves" is that a CPU's current drain is vaguely correlated to the type of instructions it's executing. In a modern multitasking OS, that's not even a useful basis for traffic analysis.
You trust that the NSA does not have a back door in, or did not also develop a way to break the encryption? From what I know of them they would not want to give out unbreakable encryption.
Nope, for it's DSA/DSS all the way, and all the noisy capacitors in the world won't help you break it.
That wouldn't change anything. RSA as well as DSS is based on modulus exponentiation with a secret exponent. If you can get the exponent you have broken the system, it is as simple as that.
Why do I trust it? Because it was developed by the NSA, not a bunch of left-leaning MIT eggheads.
That kind of logic is useless in the security business. Basing your trust upon who designed the algorithm is stupid. How many (and who) tried to break the algorithm and failed at that is a better measure on the security. A good rationale behind the design is another good measure on the security. And finally mathematical proofs.
Do you care about the security of your wireless mouse?
Encryption inhibits surveillance by ANYONE. That the government falls under the category of anyone is secondary to most encryption desires and uses.
If someone was attempting avoidance/prevention of potential government investigation, then the act of encrypting wouldn't make it more or less likely. They make use of encryption because they have some information they don't want the government to know. It's not because they use encryption but due to any relevant knowledge they have, that a person should elicit investigation by their government. And then knowledge pertaining only to those things that governments should worry about (murder, fraud, and other criminal acts).
So by encrypting the code on my laptop as a security precaution, you're saying I bring unnecessary suspicion upon myself? No one but my company and its business competitors has an interest in the trade secrets I manage and create during the course of my business. Therefore I use encryption as a means of self-defense. I inhibit investigation by those not authorized by me or my company. The act of investigation could very well be illegal. I would not give my government blanket access to my trade secrets, when I have no control over what they do with them. They should have no interest in them. In fact, by wanting to enhance surveillance of those things which they declare to not have an interest in and would normally have no involvement in is suspicious in itself. Encryption is a tool and is about as dangerous as a screwdriver.
click-clack, front and back. I'm not moving this car otherwise.
> How could one hope to extract a certain few bits from a recording when
> the CPU's instruction throughput is many times that?
The few bits you're trying to extract may have an observable influence on global statistics, especially when you can affect the value of some other bits. See for example Boneh and Brumley's timing attack on OpenSSL.
Steganography anyone? :)
I don't think any government who has reason to believe you to be hiding something would fail to check if it was in plain view or not.
Otherwise criminals would all be using those ghost markers kids use
Silly rabbit