Slashdot Mirror
RSA Keys Can Be Harvested With Microphones (theregister.co.uk)
Researchers have now demonstrated that even with modern laptop, desktop, and server computers, an inexpensive attack can harvest 4,096-bit encryption keys using a parabolic microphone within 33 feet -- or even from 12 inches away, using a cellphone microphone.
An anonymous reader quotes this article from The Register:
In both cases it took an hour of listening to get the 4,096-bit RSA key... As a computer's processor churns through the encryption calculations, the machine emits a high-frequency "coil whine" from the changing electrical current flowing through its components... The team recommends encryption software writers build in "blinding" routines that insert dummy calculations into cryptographic operations. After discussions with the team, GNU Privacy Guard now does this.
Even if they have my RSA keys, they don't have my RSA locks!
Play an MP3 at the same time so they get a audio download then send them a DCMA takedown notice :)
OK, imagine a '63 Bel Air with hydraulic suspension and a horn that plays "La Cucaracha". It is traveling from Modesto to the Reservoir at exactly 48mph. Now imagine a 2006 Mercedes G-Class with extra-large wheels and spinning hubs that is booming some old-school NWA. It is traveling from Oakland to the Reservoir at exactly 52 mph.
If someone had a listening device installed in both cars, the probability that the phrase, "You know, that Donald Trump makes some good points" would be heard approaches zero.
I hope that clears it up.
You are welcome on my lawn.
Not if you're looking at a server in a datacentre. The bad guys can just rent a space in the next rack over and you're totally unaware that they're busy vacuuming up your keys for later exploitation.
Just install some of those oldschool EMC storage towers that sound like jet engines running 24/7. Sure your DC employees will go deaf but your keys won't leak!
I browse on +1 so AC's need not respond, I won't see it.
Especially since that loud knocking my hard drive's been making for the past week would totally drown out the coil whine.
I'm hoping that knocking sound goes away. Sometimes these things fix themselves, you know?
Well the good news is that it's pretty much guaranteed to go away on it's own. Now as for the bad news....
I browse on +1 so AC's need not respond, I won't see it.
I'm hoping that knocking sound goes away. Sometimes these things fix themselves, you know?
The knocking sound means that your system is low on hard drive oil.
Just get a can of WD-40, drill a small (1/8") hole in the drive, and spray a couple of healthy blasts of the WD-40 into the drive. This will almost always cure the knocking sound.
Just cruising through this digital world at 33 1/3 rpm...
There is no way on a real system this would work.
Famous last words.
Along with:
"He'll stop, we have the right of way!"
"I'm sure it's unloaded."
"Of course I'm sure that the other guy shut the power off."
"If taking one of these pills is good, taking three means it'll work really fast."
"Oh yeah, it's strong enough to hold us."
"Watch this!"
Just cruising through this digital world at 33 1/3 rpm...