Author

Topic: Gadget claims to steal encrypted keys from 19" distance. Time for Paper wallet ? (Read 1008 times)

staff
Activity: 4284
Merit: 8808
After reading this, I had a scary thought: what if hardware wallet companies made this technology easy to obtain and use, allowing anyone to compromise wallets on devices such as laptops, and in turn forcing Bitcoiners to purchase a Trevor or something similar.
Small hardware wallets tend to be more vulnerable to this sort of thing as they have much less room for adequate shielding, less CPU cycles to run hardened algorithims, and run at slower speeds that make observations easier.
legendary
Activity: 1526
Merit: 1034
After reading this, I had a scary thought: what if hardware wallet companies made this technology easy to obtain and use, allowing anyone to compromise wallets on devices such as laptops, and in turn forcing Bitcoiners to purchase a Trevor or something similar.
staff
Activity: 4284
Merit: 8808
Thanks for the clarification. But, it is not nice to argue that PaperWallets are unsafe just to back up electronic storage. PaperWallets are not supposed to be generated online and offline generations are quite safe. If someone dowaloads bitaddress.org source code from Github and generates PapaerWallet in an offline (which I assume is not in the vicinity of this new gadget), then what is wrong with it ?
Nothing about this attack involves online anything.  It involves radio emissions of a device while it is generating keys or signing.  Use of the "paper wallet" only dramatically increase your vulnerablity to this rather fringe attack over behavior normally-- because the sofrware used for paperwallets is (as far as I've seen) never even constant time much less reduced-emi...

It is all over for cryptos based on this technology.
All _zero_ of them?

My take is that you would have to be James Bond to pull it off.
Pretty much. There are cases where it may be relevant-- consider security procedures for commercial cold wallets, but not for most people.
full member
Activity: 210
Merit: 104
“Create Your Decentralized Life”
How would this affect the hardware wallets? Considering you need the unique chip to be inserted to access coins, wouldn't something like a Ledger wallet be safe or safer at least?
My take is that you would have to be James Bond to pull it off.  The gadget can tell what numbers are being used, but I don't know if it can reliably determine when.  So just walking around and listening to everything would probably not give the desired effect.

It's a very targeted attack, but simply one more thing to watch out for.  If you pay for coffee with bitcoin and you notice a guy with wires hanging out of his backpack pointing one at your hardware wallet while you sign your bitcoin transactions... well then in that case, stick around and ask the guy a few questions.
legendary
Activity: 1456
Merit: 1010
Ad maiora!
How would this affect the hardware wallets? Considering you need the unique chip to be inserted to access coins, wouldn't something like a Ledger wallet be safe or safer at least?

The big financial services providers most likely have already changed the algorithms on their side... Effectively disabling these type of attacks, not sure BTC devs are so quick to act.

A guy with one of these pitas in a waist- height carried handbag, walking around a crowded place (schools, universities, public transit, airports) could do some serious damage.

Still I have not heard one report of anyone losing anything yet.
sr. member
Activity: 728
Merit: 256
If what they claim is true, no electronic storage for private keys are safe anymore. Paper wallet unaffected Smiley
None of these things effect _storage_; they potentially effect key generation and signing. When the key is at rest, no issue.  All of the "paperwallet" utilities I've seen are _highly_ vulnerable to sidechannel attacks. Worse, many are just webpages which are vulnerable to a littany of additional attacks.

Meanwhile, Bitcoin core is already hardened against this sort of thing.


It often seems to be the case that people spread FUD around fringe concerns with recommended actions that would actually make people less safe. One of the great mysteries of Bitcoin.


Thanks for the clarification. But, it is not nice to argue that PaperWallets are unsafe just to back up electronic storage. PaperWallets are not supposed to be generated online and offline generations are quite safe. If someone dowaloads bitaddress.org source code from Github and generates PapaerWallet in an offline (which I assume is not in the vicinity of this new gadget), then what is wrong with it ?
legendary
Activity: 3248
Merit: 1070
that shit can't steal key that are inside a wallet in a cold storage like usb, problem is solved

also the article mentioned a way to deal with it at the end, not a threat
legendary
Activity: 1862
Merit: 1011
Reverse engineer from time to time
You just have to generate a stronger EMF to jam all others.
legendary
Activity: 1274
Merit: 1000
The Golden Rule Rules
It is all over for cryptos based on this technology.
full member
Activity: 210
Merit: 104
“Create Your Decentralized Life”
Countermeasure is already there. You need to keep your electronic device containing your private key inside Faraday Cage.

Can't wait till treznor adds it to their 2015 lineup
legendary
Activity: 2660
Merit: 1074
Maybe, but you won't hold forever bitcoin, you will have to use it one day. What to do, then?

For generating key purposes, just go to a place where you normally won't go that will be empty or close to it, and use an offline computer to generate the keys.

I can think about good places to generate keys without the risk of being attacked
staff
Activity: 4284
Merit: 8808
If what they claim is true, no electronic storage for private keys are safe anymore. Paper wallet unaffected Smiley
None of these things effect _storage_; they potentially effect key generation and signing. When the key is at rest, no issue.  All of the "paperwallet" utilities I've seen are _highly_ vulnerable to sidechannel attacks. Worse, many are just webpages which are vulnerable to a littany of additional attacks.

Meanwhile, Bitcoin core is already hardened against this sort of thing.


It often seems to be the case that people spread FUD around fringe concerns with recommended actions that would actually make people less safe. One of the great mysteries of Bitcoin.
legendary
Activity: 2226
Merit: 1052
That's really shocking. I really hope the researchers don't sell it to intelligence agencies anytime soon... Hopefully, countermeasures will be developed that make this kind of attack unfeasible.

Countermeasure is already there. You need to keep your electronic device containing your private key inside Faraday Cage.
legendary
Activity: 1806
Merit: 1024
That's really shocking. I really hope the researchers don't sell it to intelligence agencies anytime soon... Hopefully, countermeasures will be developed that make this kind of attack unfeasible.

This was already linked in the forums... As for paper wallets, they are still not safe if the device captures readings from a printer.

So far the device has not been deployed globally. So print your paper wallets while you still can... Wink

ya.ya.yo!
legendary
Activity: 1512
Merit: 1012
This was already linked in the forums... As for paper wallets, they are still not safe if the device captures readings from a printer.
full member
Activity: 210
Merit: 104
“Create Your Decentralized Life”
Excerpt from the paper https://www.tau.ac.il/~tromer/radioexp/

Quote
We demonstrate the extraction of secret decryption keys from laptop computers, by nonintrusively measuring electromagnetic emanations for a few seconds from a distance of 50 cm. The attack can be executed using cheap and readily-available equipment: a consumer-grade radio receiver or a Software Defined Radio USB dongle. The setup is compact and can operate untethered; it can be easily concealed, e.g., inside pita bread. Common laptops, and popular implementations of RSA and ElGamal encryptions, are vulnerable to this attack, including those that implement the decryption using modern exponentiation algorithms such as sliding-window, or even its side-channel resistant variant, fixed-window (m-ary) exponentiation.

We successfully extracted keys from laptops of various models running GnuPG (popular open source encryption software, implementing the OpenPGP standard), within a few seconds. The attack sends a few carefully-crafted ciphertexts, and when these are decrypted by the target computer, they trigger the occurrence of specially-structured values inside the decryption software. These special values cause observable fluctuations in the electromagnetic field surrounding the laptop, in a way that depends on the pattern of key bits (specifically, the key-bits window in the exponentiation routine). The secret key can be deduced from these fluctuations, through signal processing and cryptanalysis.

Source: http://bgr.com/2015/07/08/hacking-tools-pita-encryption-keys-radio-waves/

If what they claim is true, no electronic storage for private keys are safe anymore. Paper wallet unaffected Smiley
I read the same in a industry blog earlier this year.  Scary stuff.  The demo I saw was a single laptop in a university lecture hall (ie isolated).  I'd like to see them point it at a cell phone in a cafe during a bitcoin purchase.  Lots of other EMF for them to swim through.  Still, the crooks out there are bound to have read the same article by now.
legendary
Activity: 2226
Merit: 1052
Excerpt from the paper https://www.tau.ac.il/~tromer/radioexp/

Quote
We demonstrate the extraction of secret decryption keys from laptop computers, by nonintrusively measuring electromagnetic emanations for a few seconds from a distance of 50 cm. The attack can be executed using cheap and readily-available equipment: a consumer-grade radio receiver or a Software Defined Radio USB dongle. The setup is compact and can operate untethered; it can be easily concealed, e.g., inside pita bread. Common laptops, and popular implementations of RSA and ElGamal encryptions, are vulnerable to this attack, including those that implement the decryption using modern exponentiation algorithms such as sliding-window, or even its side-channel resistant variant, fixed-window (m-ary) exponentiation.

We successfully extracted keys from laptops of various models running GnuPG (popular open source encryption software, implementing the OpenPGP standard), within a few seconds. The attack sends a few carefully-crafted ciphertexts, and when these are decrypted by the target computer, they trigger the occurrence of specially-structured values inside the decryption software. These special values cause observable fluctuations in the electromagnetic field surrounding the laptop, in a way that depends on the pattern of key bits (specifically, the key-bits window in the exponentiation routine). The secret key can be deduced from these fluctuations, through signal processing and cryptanalysis.

Source: http://bgr.com/2015/07/08/hacking-tools-pita-encryption-keys-radio-waves/

If what they claim is true, no electronic storage for private keys are safe anymore. Paper wallet unaffected Smiley
Jump to: