Acoustic Cryptanalysis

[z3ro]

Acoustic Cryptanalysis: Extracting RSA Key From GnuPG by capturing Computer Sound






'RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis', is an interesting paper recently published by Three Israeli Security Researchers at Tel Aviv University.

They claimed that, they have successfully broken one of the most secure encryption algorithms, 4096-bit RSA, just by capturing Computer's CPU Sound while it runs decryption routines.
Daniel Genkin, Adi Shamir (who co-invented RSA), and Eran Tromer, uses a side channel attack and through a process called “acoustic cryptanalysis”, they successfully extracted 4096-bit RSA key From GnuPG.

"We experimentally demonstrate that such attacks can be carried out, using either a plain mobile phone placed next to the computer, or a more sensitive microphone placed 4 meters away,”

The paper specifies some possible implementations of this attack. Some email-client softwares i.e. Enigmail can automatically decrypt incoming e-mail (for notification purposes) using GnuPG. An attacker can e-mail suitably-crafted messages to the victims, wait until they reach the target computer, and observe the acoustic signature of their decryption, thereby closing the adaptive attack loop.

"The acoustic signal of interest is generated by vibration of electronic components (capacitors and coils) in the voltage regulation circuit, as it struggles to maintain a constant voltage to the CPU despite the large fluctuations in power consumption caused by different patterns of CPU operations,"

"The relevant signal is not caused by mechanical components such as the fan or hard disk, nor by the laptop's internal speaker."

The security researchers listen to the high-pitched (10 to 150 KHz) sounds produced by your computer as it decrypts data and warned that a variety of other applications are also susceptible to the same acoustic cryptanalysis attack.

"We observe that GnuPG’s RSA signing (or decryption) operations are readily identified by their acoustic frequency spectrum. Moreover, the spectrum is often key-dependent, so that secret keys can be distinguished by the sound made when they are used. The same applies to ElGamal decryption."

Here in the above picture, a mobile phone (Samsung Note II) is placed 30 cm (nearly 12 inches) from a target laptop. The phone’s internal microphone points toward the laptop’s fan vents. Full key extraction is possible in this configuration and distance. They have notified GnuPG about the vulnerability and If you want to keep your data secure, please follow recommended countermeasures:

"One obvious countermeasure is to use sound dampening equipment, such as "sound-proof" boxes, designed to sufficiently attenuate all relevant frequencies. Conversely, a sufficiently strong wide-band noise source can mask the informative signals, though ergonomic concerns may render this unattractive. Careful circuit design and high-quality electronic components can probably reduce the emanations."

GnuPG team has developed a patch for the vulnerability to defend against key extraction attacks and released GnuPG 1.4.16.



Source: http://thehackernews.com/2013/12/acoustic-cryptanalysis-extracting-rsa.html
Original paper: http://www.tau.ac.il/~tromer/papers/acoustic-20131218.pdf

[proxx]

I am stunned , this is hacking in its most pure form , thanks for sharing.

[Kulverstukas]

That is really scary stuff. Something you would see in movies, kinda :O

[Matriplex]

Damn, I just read something on this..
Really interesting concept. Not bringing my laptop out in public anymore, not that I do it much anyways.

[Alin]

Damn, I just read something on this..
Really interesting concept. Not bringing my laptop out in public anymore, not that I do it much anyways.

You are safe in public. This attack is nice because we would not believe it to be possible. It's not something you could use in practice and you might as well physically talk the guy into surrendering his key.


I do agree the idea is awesome and it's ever more awesome it "works" in a perfect environment.

[vezzy]

For the record, this isn't conceptually new or something to be surprised about. Side channel and general security attacks that work on the highly low electrical and radio wave level have been around for a long time. Hopefully you've heard of a Faraday cage.

This was still an intriguing paper.

[Axon]

Interesting stuff. These kind of attacks have most significance in military field and espionage.