Communications of the ACM
Computer-Stored Encryption Keys Are Not Safe From Side-Channel Attacks
Tel Aviv University researchers have identified a way to ex-filtrate complex encyption data using side-channel technology.
Credit: Daniel Genkin, Lev Pachmanov, Itamar Pipman, Eran Tromer, Tel Aviv University
Tel Aviv University researchers have found a way to ex-filtrate complex encryption data using side-channel technology.
The researchers determined decryption keys for mathematically secure cryptographic schemes by capturing information about secret values inside the computer.
"The attacks can extract decryption keys using a low measurement bandwidth (a frequency band of less than 100 kHz around a carrier under 2 MHz) even when attacking multi-GHz [central-processing units]," the researchers say.
They developed several attacks based on this approach.
The Software Defined Radio (SDR) attack consists of a shielded loop antenna to capture the side-channel signal, which is then recorded by an SDR program installed on a notebook.
The Portable Instrument for Trace Acquisition (PITA) attack involves using available electronics and food items to build a self-contained receiver with online and autonomous modes. In the online mode, PITA connects to a nearby observation station via Wi-Fi, providing real-time streaming of the digitized signal. In the autonomous mode, PITA first measures the digitized signal, then records it on an internal microSD card for later retrieval by physical access or via Wi-Fi.
The consumer radio attack uses a plain consumer-grade radio receiver to acquire the desired signal, replacing the magnetic probe and SDR receiver. The signal is recorded by connecting it to a smartphone's microphone input jack.
From Tech Republic
View Full Article
Abstracts Copyright © 2015 Information Inc., Bethesda, Maryland, USA
No entries found