News Reseachers grab encryption keys by listening

Side-channel attacks based on measuring the power consumption of CPUs are fairly well-known. If you can tie coil-whine and other noises closely to power delivery, then this certainly sounds like a viable attack.

 

Presumably, significant multi-tasking of CPU-intensive tasks would also foil this attack?

"No boss, I'm not playing WoW on my second monitor for fun - I'm ensuring data security!"

For that matter, I would imagine that just playing MP3s at high volume would avert most of the problem - both adding noise to the microphone input, and affecting the CPU usage... bring on the Black Sabbath albums!

 

You just have to be careful of NSA and GCHQ spy's pretending to be orcs or dwarves and such

 

Well this'll be gone shortly when new VRM stages push the switching frequency up even higher which means noise that's in MHz and completely inaudible if it happens at all.

 

High frequency and GSM don't go hand in hand. GSM codec is ~7khz, not to mention shitty compression.
What if someone hacks your phone and streams hi quality audio you ask?
Well, microphones in phones are ~15-20KHz, there is no need to put anything higher quality (not to mention, anything with higher bandwidth probably would cost more than most phones). While VRMs these days usually operate in MHz range.
In conclusion - this paper is full of s**t or there was something seriously wrong with their equipment.

Now, getting this from integrated sound card background humm, I could believe.

 

Surely different cpu's/voltages/VRM's/PSU's etc will vary the noise generated from different configurations.

 

Plus there are different codepaths for different hardware (a single program might be compiled with optimizations for AES-NI-capable processors for example, while still being able to function with older CPUs), different versions of one targeted program they went after, different versions for different operating systems etc. ... so many variables to account for.

@Gareth: it is common for such claims to be backed by something (an exploit code snippet, for example). Where can I find this smartphone application which will recover encryption keys ?

 

Does the 'potential to mount an attack' mean the app could provide the method of correctly recording or actually decipher the key? I read it first as meaning they were recording the sound with the app and then going and plugging away at all the math for a good while to work out the key. Guess I just thought it sounded pretty difficult.

...And no I didn't read the paper, that's why I read the article about the paper, so don't grump

 

The phone is just a convenient microphone in a non-suspicious package. The actual processing of the audio captured would be done off-line.

 

That so remnds me of "Halting State" by Charles Stross.

 

This stuff sounds really cool. May have to read it whilst at GFs parents for Christmas. Thanks for sharing.

But now; I must clean my kitchen!