RSA Keys Can Be Harvested With Microphones (theregister.co.uk)
Researchers have now demonstrated that even with modern laptop, desktop, and server computers, an inexpensive attack can harvest 4,096-bit encryption keys using a parabolic microphone within 33 feet -- or even from 12 inches away, using a cellphone microphone.
An anonymous reader quotes this article from The Register:
In both cases it took an hour of listening to get the 4,096-bit RSA key... As a computer's processor churns through the encryption calculations, the machine emits a high-frequency "coil whine" from the changing electrical current flowing through its components... The team recommends encryption software writers build in "blinding" routines that insert dummy calculations into cryptographic operations. After discussions with the team, GNU Privacy Guard now does this.
The open source implementation is WEAKER since we now know HOW they perform the DUMMY CALCULATIONS.
Yes, because obviously they were going to perform exactly the same dummy calculations every time in exactly the same place.
Oh, no, wait, not everyone is as dumb as you.
systemd is Roko's Basilisk.
It's a different side channel attack, by some of the same people from the same lab.
That most likely won't work, as they can simply discard all noise not part of the frequency range they are looking for, which is trivial if the other sounds don't emit that range. As these are ultra-high frequency sounds, no MP3s or even FLAC files will have them, as these ranges are discarded to keep the file size down. You'd have to be running the ultra quality studio files to even have a chance of having these ranges play but, as these are ranges that humans can't hear, they are only going to be there by accident, not intent, and you won't be able to tell if they do or don't. Now, it would be possible to create audio tracks with these ranges for the express purpose of fouling these sorts of attacks, but there would need to be many of them so there can be some form of randomness to prevent prediction attacks. Updating encryption systems to add junk processes at random would be an easier method of thwarting these; however, it will take some time for everyone to update.
"Be particularly skeptical when presented with evidence confirming what you already believe." -
Not if you're looking at a server in a datacentre. The bad guys can just rent a space in the next rack over and you're totally unaware that they're busy vacuuming up your keys for later exploitation.
upon the advice of my lawyer, i have no sig at this time
Reminds me of a differential power analysis attack but that requires physical access to the machine. With this microphone attack you just need to know which type of machine it is and proceed in a completely covert manner.
It always amazes me how inventive a determined attacker can be. On a defense project back in the 90's we had to keep our analog phones six feet away from CRTs to prevent monitor EMI from entering the phone line. That EMI could be analyzed by a third party to recreate the monitor's image.