1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

News Reseachers grab encryption keys by listening

Discussion in 'Article Discussion' started by Gareth Halfacree, 19 Dec 2013.

  1. Gareth Halfacree

    Gareth Halfacree WIIGII! Staff Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    12,967
    Likes Received:
    2,107
  2. edzieba

    edzieba Virtual Realist

    Joined:
    14 Jan 2009
    Posts:
    3,387
    Likes Received:
    335
    Side-channel attacks based on measuring the power consumption of CPUs are fairly well-known. If you can tie coil-whine and other noises closely to power delivery, then this certainly sounds like a viable attack.
     
  3. Pricester

    Pricester New Member

    Joined:
    25 Aug 2002
    Posts:
    120
    Likes Received:
    1
    Presumably, significant multi-tasking of CPU-intensive tasks would also foil this attack?

    "No boss, I'm not playing WoW on my second monitor for fun - I'm ensuring data security!"

    For that matter, I would imagine that just playing MP3s at high volume would avert most of the problem - both adding noise to the microphone input, and affecting the CPU usage... bring on the Black Sabbath albums!
     
  4. Corky42

    Corky42 Where's walle?

    Joined:
    30 Oct 2012
    Posts:
    9,441
    Likes Received:
    338
    You just have to be careful of NSA and GCHQ spy's pretending to be orcs or dwarves and such :worried:
     
  5. Gareth Halfacree

    Gareth Halfacree WIIGII! Staff Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    12,967
    Likes Received:
    2,107
    Addressed in the paper: running multiple threads on multi-core CPUs appears to actually make the attack easier, because the processor down-clocks compared to single-thread, single-core operation.
    Also addressed in the paper: the frequencies are higher than music, higher than fan whine, higher than anything you can hear unaided - meaning it's easy to isolate what you need, even if you've got The Birdy Song going full-blast on repeat.
     
  6. K.I.T.T.

    K.I.T.T. Hasselhoff™ Inside

    Joined:
    1 Jan 2005
    Posts:
    624
    Likes Received:
    1
    Well this'll be gone shortly when new VRM stages push the switching frequency up even higher which means noise that's in MHz and completely inaudible if it happens at all.
     
  7. Xlog

    Xlog Active Member

    Joined:
    16 Dec 2006
    Posts:
    558
    Likes Received:
    39
    High frequency and GSM don't go hand in hand. GSM codec is ~7khz, not to mention shitty compression.
    What if someone hacks your phone and streams hi quality audio you ask?
    Well, microphones in phones are ~15-20KHz, there is no need to put anything higher quality (not to mention, anything with higher bandwidth probably would cost more than most phones). While VRMs these days usually operate in MHz range.
    In conclusion - this paper is full of s**t or there was something seriously wrong with their equipment.

    Now, getting this from integrated sound card background humm, I could believe.
     
  8. Gareth Halfacree

    Gareth Halfacree WIIGII! Staff Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    12,967
    Likes Received:
    2,107
    Who said they were transmitting via GSM?
    You did read the paper, right? This is all addressed in there.
    I love it when people who aren't massive names in the cryptography world and who didn't invent the most widely-used public-key cryptosystem decide that experts are the fools. No, really. Love it.

    As I'm sure you've read the paper in full before coming to that conclusion, then I'm sure you'll remember Section 5.4 - in which the team describes the results of different experimental setups. You know, the one where they successfully do exactly what you just said was impossible. That section. Here, I'll quote it:
     
  9. Deders

    Deders Well-Known Member

    Joined:
    14 Nov 2010
    Posts:
    4,053
    Likes Received:
    106
    Surely different cpu's/voltages/VRM's/PSU's etc will vary the noise generated from different configurations.
     
  10. Alecto

    Alecto Member

    Joined:
    20 Apr 2012
    Posts:
    134
    Likes Received:
    1
    Plus there are different codepaths for different hardware (a single program might be compiled with optimizations for AES-NI-capable processors for example, while still being able to function with older CPUs), different versions of one targeted program they went after, different versions for different operating systems etc. ... so many variables to account for.

    @Gareth: it is common for such claims to be backed by something (an exploit code snippet, for example). Where can I find this smartphone application which will recover encryption keys ?
     
  11. enciem

    enciem New Member

    Joined:
    23 Sep 2009
    Posts:
    144
    Likes Received:
    3
    Does the 'potential to mount an attack' mean the app could provide the method of correctly recording or actually decipher the key? I read it first as meaning they were recording the sound with the app and then going and plugging away at all the math for a good while to work out the key. Guess I just thought it sounded pretty difficult.

    ...And no I didn't read the paper, that's why I read the article about the paper, so don't grump ;)
     
  12. edzieba

    edzieba Virtual Realist

    Joined:
    14 Jan 2009
    Posts:
    3,387
    Likes Received:
    335
    The phone is just a convenient microphone in a non-suspicious package. The actual processing of the audio captured would be done off-line.
     
  13. Gareth Halfacree

    Gareth Halfacree WIIGII! Staff Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    12,967
    Likes Received:
    2,107
    But this isn't an 'exploit' per se - and nor is it a posting to the Full Disclosure mailing list. It's an academic paper, and it would be rare for an academic paper to include a complete printout of all source. Add to that responsible disclosure guidelines - sure, GnuPG has a fix for the attack now but it's nowhere near widely deployed yet - and you should see why that's not included in the paper.

    Theoretically, you could do the analysis on the smartphone - but it'd be so much quicker to just move the recording onto a more powerful machine and do it there. It's not like the thing works in real-time, anyway - it takes about an hour to recover a single key.

    ^ Wot 'e said.
     
  14. Andy Mc

    Andy Mc Well-Known Member

    Joined:
    23 May 2002
    Posts:
    1,729
    Likes Received:
    129
    That so remnds me of "Halting State" by Charles Stross.
     
  15. law99

    law99 Custom User Title

    Joined:
    24 Sep 2009
    Posts:
    2,382
    Likes Received:
    59
    This stuff sounds really cool. May have to read it whilst at GFs parents for Christmas. Thanks for sharing.

    But now; I must clean my kitchen!
     

Share This Page