Get Your Hands Off My Laptop: Physical Side-Channel Key-Extraction Attacks On PCs
We demonstrated physical side-channel attacks on a popular software implementation of RSA and ElGamal, running on laptop computers. Our attacks use novel side channels and are based on the observation that the "ground" electric potential in many computers fluctuates in a computation-dependent way. An attacker can measure this signal by touching exposed metal on the computer's chassis with a plain wire, or even with a bare hand. The signal can also be measured at the remote end of Ethernet, VGA or USB cables.
Through suitable cryptanalysis and signal processing, we have extracted 4096-bit RSA keys and 3072-bit ElGamal keys from laptops, via each of these channels, as well as via power analysis and electromagnetic probing. Despite the GHz-scale clock rate of the laptops and numerous noise sources, the full attacks require a few seconds of measurements using Medium Frequency signals (around 2 MHz), or one hour using Low Frequency signals (up to 40 kHz).
In short: you clip a cable to the laptop's chassis, or (given suitable equipment) simply touch it with your hand. Then you extract the keys used for encryption from the signal on the electric potential. Alternatively, this also works via the network, monitor or USB printer cable. The report is available here.
published Sat, 09 Aug 2014 21:37:32 +0200 #exploits #hacks #hardware #kryptographie