Pages:
Author

Topic: [WTF!] Toughest encryption cracked by listening to your CPU with a phone (Read 3771 times)

legendary
Activity: 1540
Merit: 1000
I'm not a hardware expert but haven't we known for years about this kind of thing? Not surprised somebody has found out how to work stuff out through the computer noises because you even can diagnose technical problems from the beeps that come from your motherboard when you turn on the computer.
I hope you are joking lol. The "beeps" come from the motherboard speaker, it is there exactly to make these beeps, it is not they appear randomly lol. The speaker is there exactly to make beeps to tell you what's wrong.

How the hell did you come to the conclusion that I was saying they appeared randomly?
hero member
Activity: 590
Merit: 500
Please read this article, the information quote from the OP is incomplete
http://www.forbes.com/sites/timworstall/2013/12/21/researchers-break-rsa-4096-encryption-with-just-a-microphone-and-a-couple-of-emails/

Quote
Here’s what the researchers did do though. Send several emails to the system itself: this way they knew what the content of the emails was. They also recorded the sounds of the computer decoding those known emails. For all computers do indeed make noises as they work: not just the disk, other components make small sounds as they heat up, cool and so on, even as electrical currents change.

Yeah, it's a known-plaintext attack.  Still potentially effective.  I send you a GPG-encrypted email (which I obviously know the content of) and listen in to it being decrypted and run off with your private key.
copper member
Activity: 1498
Merit: 1528
No I dont escrow anymore.
Please read this article, the information quote from the OP is incomplete
http://www.forbes.com/sites/timworstall/2013/12/21/researchers-break-rsa-4096-encryption-with-just-a-microphone-and-a-couple-of-emails/

Quote
Here’s what the researchers did do though. Send several emails to the system itself: this way they knew what the content of the emails was. They also recorded the sounds of the computer decoding those known emails. For all computers do indeed make noises as they work: not just the disk, other components make small sounds as they heat up, cool and so on, even as electrical currents change.


I like how noone in this forum reads the comments others allready made.

Well to make this a little more than just a bitchy comment (sorry for that)

Dont read that forbes article its just as bad as any other, read the original paper, here: http://cs.tau.ac.il/~tromer/acoustic/

As allways, read the source.
newbie
Activity: 42
Merit: 0
Please read this article, the information quote from the OP is incomplete
http://www.forbes.com/sites/timworstall/2013/12/21/researchers-break-rsa-4096-encryption-with-just-a-microphone-and-a-couple-of-emails/

Quote
Here’s what the researchers did do though. Send several emails to the system itself: this way they knew what the content of the emails was. They also recorded the sounds of the computer decoding those known emails. For all computers do indeed make noises as they work: not just the disk, other components make small sounds as they heat up, cool and so on, even as electrical currents change.
hero member
Activity: 590
Merit: 500
The PC bios has "spread spectrum" options to mitigate this kind of attacks

I thought spread spectrum was to tweak the radio emissions (spread it out over a wider band, rather than having big spikes at specificly frequencies), not acoustic emissions.

AFAICT, what they're picking up is high-frequency coil whine off the VRM.
copper member
Activity: 1498
Merit: 1528
No I dont escrow anymore.
Keep in mind that you need:

  • to send several mails (amount depends on the length of the key) to the victim which you know the content off, mainly because of the bandwith of the used frequency.
  • a victim using an old GPG version (2.x is not affected)
  • to be able to get that close to your victim at the moment the prepared mails are encrypted
  • a victim using specific hardware (as far as I understood the paper not every cpu, board etc. is affected)

so keep your panties on and update GPG, which you should have done allready anyway.

And which is also quite rare (clarifying number one on your list), the recipient has to have configured her system so that it automatically decrypts any received messages. But anyway, that was just a demonstration of the possibility of such things and a very neat one. Who knows what might be possible if government agencies point sufficient resources, probably a lot more. Remember how many cryptographers NSA has employed, many of them on par with Shamir et al.

That's one crazy attack! These hardware-based attacks are interesting to me.


There is a lot more out there.

http://es.slideshare.net/endrazine/defcon-hardware-backdooring-is-practical

http://www.youtube.com/watch?v=8Mb4AiZ51Yk

Great talk on hardward backdoors.


http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/

The allready famous "badBIOS" virus.


legendary
Activity: 1148
Merit: 1008
If you want to walk on water, get out of the boat
I'm not a hardware expert but haven't we known for years about this kind of thing? Not surprised somebody has found out how to work stuff out through the computer noises because you even can diagnose technical problems from the beeps that come from your motherboard when you turn on the computer.
I hope you are joking lol. The "beeps" come from the motherboard speaker, it is there exactly to make these beeps, it is not they appear randomly lol. The speaker is there exactly to make beeps to tell you what's wrong.
sr. member
Activity: 770
Merit: 250
Keep in mind that you need:

  • to send several mails (amount depends on the length of the key) to the victim which you know the content off, mainly because of the bandwith of the used frequency.
  • a victim using an old GPG version (2.x is not affected)
  • to be able to get that close to your victim at the moment the prepared mails are encrypted
  • a victim using specific hardware (as far as I understood the paper not every cpu, board etc. is affected)

so keep your panties on and update GPG, which you should have done allready anyway.

And which is also quite rare (clarifying number one on your list), the recipient has to have configured her system so that it automatically decrypts any received messages. But anyway, that was just a demonstration of the possibility of such things and a very neat one. Who knows what might be possible if government agencies point sufficient resources, probably a lot more. Remember how many cryptographers NSA has employed, many of them on par with Shamir et al.

That's one crazy attack! These hardware-based attacks are interesting to me.
member
Activity: 84
Merit: 10
they can listen in on your computer using the power supply, no internet connection needed, the power grid is the internet  Wink
global moderator
Activity: 3794
Merit: 2612
In a world of peaches, don't ask for apple sauce
Another encryption system cracked open, well, at least a bit. Undecided
full member
Activity: 289
Merit: 100
woah.. that is bananas
hero member
Activity: 658
Merit: 502
Doesn't use these forums that often.
Easy to stop, just do this in the background:
Code:
nice yes > /dev/null
(basically spams "y" to /dev/null)
copper member
Activity: 1498
Merit: 1528
No I dont escrow anymore.
Keep in mind that you need:

  • to send several mails (amount depends on the length of the key) to the victim which you know the content off, mainly because of the bandwith of the used frequency.
  • a victim using an old GPG version (2.x is not affected)
  • to be able to get that close to your victim at the moment the prepared mails are encrypted
  • a victim using specific hardware (as far as I understood the paper not every cpu, board etc. is affected)

so keep your panties on and update GPG, which you should have done allready anyway.
legendary
Activity: 1540
Merit: 1000
I'm not a hardware expert but haven't we known for years about this kind of thing? Not surprised somebody has found out how to work stuff out through the computer noises because you even can diagnose technical problems from the beeps that come from your motherboard when you turn on the computer. To get past this it should be just a matter of designing components so that they don't transmit noises like this anymore if you want to be really paranoid about hackers.

While it's certainly pretty cool I don't know if it's cause for panic Tongue
sr. member
Activity: 840
Merit: 255
SportsIcon - Connect With Your Sports Heroes
The PC bios has "spread spectrum" options to mitigate this kind of attacks
sr. member
Activity: 364
Merit: 250
667 one more than the devil
You can easily get rid of the problem with multi core CPUs or some background CPU-intensive process.
I see it as an exploit that works only in laboratories.
hero member
Activity: 784
Merit: 500
I need to cut my micro chip from my motherboard with the sound card !!! Yes this is insane !
full member
Activity: 168
Merit: 100
That's absolutely insane... Yet cool at the same time!

Like others, I guess I'll be listening to some loud music from now on.
hero member
Activity: 1008
Merit: 514
Fascinating. I wonder how long until we see a phone app for this.
legendary
Activity: 1795
Merit: 1208
This is not OK.
Hmmmm... with CPUs pushing data through at gbps, I'm not so sure that the sound sampling is going to be quick enough.

Calling BS.
Pages:
Jump to: