
Topic: [WTF!] Toughest encryption cracked by listening to your CPU with a phone (Read 3712 times)

legendary
Activity: 1540
Merit: 1000
I'm not a hardware expert but haven't we known for years about this kind of thing? Not surprised somebody has found out how to work stuff out through the computer noises because you even can diagnose technical problems from the beeps that come from your motherboard when you turn on the computer.
I hope you are joking lol. The "beeps" come from the motherboard speaker, it is there exactly to make these beeps, it is not that they appear randomly lol. The speaker is there exactly to make beeps to tell you what's wrong.

How the hell did you come to the conclusion that I was saying they appeared randomly?
hero member
Activity: 590
Merit: 500
Please read this article, the information quoted from the OP is incomplete
http://www.forbes.com/sites/timworstall/2013/12/21/researchers-break-rsa-4096-encryption-with-just-a-microphone-and-a-couple-of-emails/

Quote
Here’s what the researchers did do though. Send several emails to the system itself: this way they knew what the content of the emails was. They also recorded the sounds of the computer decoding those known emails. For all computers do indeed make noises as they work: not just the disk, other components make small sounds as they heat up, cool and so on, even as electrical currents change.

Yeah, it's a known-plaintext attack.  Still potentially effective.  I send you a GPG-encrypted email (which I obviously know the content of) and listen in to it being decrypted and run off with your private key.
copper member
Activity: 1498
Merit: 1499
No I don't escrow anymore.
Please read this article, the information quoted from the OP is incomplete
http://www.forbes.com/sites/timworstall/2013/12/21/researchers-break-rsa-4096-encryption-with-just-a-microphone-and-a-couple-of-emails/

Quote
Here’s what the researchers did do though. Send several emails to the system itself: this way they knew what the content of the emails was. They also recorded the sounds of the computer decoding those known emails. For all computers do indeed make noises as they work: not just the disk, other components make small sounds as they heat up, cool and so on, even as electrical currents change.


I like how no one in this forum reads the comments others already made.

Well to make this a little more than just a bitchy comment (sorry for that)

Don't read that Forbes article, it's just as bad as any other, read the original paper, here: http://cs.tau.ac.il/~tromer/acoustic/

As always, read the source.
newbie
Activity: 42
Merit: 0
Please read this article, the information quoted from the OP is incomplete
http://www.forbes.com/sites/timworstall/2013/12/21/researchers-break-rsa-4096-encryption-with-just-a-microphone-and-a-couple-of-emails/

Quote
Here’s what the researchers did do though. Send several emails to the system itself: this way they knew what the content of the emails was. They also recorded the sounds of the computer decoding those known emails. For all computers do indeed make noises as they work: not just the disk, other components make small sounds as they heat up, cool and so on, even as electrical currents change.
hero member
Activity: 590
Merit: 500
The PC BIOS has "spread spectrum" options to mitigate this kind of attack

I thought spread spectrum was to tweak the radio emissions (spread it out over a wider band, rather than having big spikes at specific frequencies), not acoustic emissions.

AFAICT, what they're picking up is high-frequency coil whine off the VRM.
copper member
Activity: 1498
Merit: 1499
No I don't escrow anymore.
Keep in mind that you need:

  • to send several mails (amount depends on the length of the key) to the victim which you know the content of, mainly because of the bandwidth of the used frequency.
  • a victim using an old GPG version (2.x is not affected)
  • to be able to get that close to your victim at the moment the prepared mails are encrypted
  • a victim using specific hardware (as far as I understood the paper not every CPU, board etc. is affected)

so keep your panties on and update GPG, which you should have done already anyway.

And which is also quite rare (clarifying number one on your list), the recipient has to have configured her system so that it automatically decrypts any received messages. But anyway, that was just a demonstration of the possibility of such things and a very neat one. Who knows what might be possible if government agencies point sufficient resources, probably a lot more. Remember how many cryptographers NSA has employed, many of them on par with Shamir et al.

That's one crazy attack! These hardware-based attacks are interesting to me.


There is a lot more out there.

http://es.slideshare.net/endrazine/defcon-hardware-backdooring-is-practical

http://www.youtube.com/watch?v=8Mb4AiZ51Yk

Great talk on hardware backdoors.


http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/

The already famous "badBIOS" virus.


legendary
Activity: 1148
Merit: 1008
If you want to walk on water, get out of the boat
I'm not a hardware expert but haven't we known for years about this kind of thing? Not surprised somebody has found out how to work stuff out through the computer noises because you even can diagnose technical problems from the beeps that come from your motherboard when you turn on the computer.
I hope you are joking lol. The "beeps" come from the motherboard speaker, it is there exactly to make these beeps, it is not that they appear randomly lol. The speaker is there exactly to make beeps to tell you what's wrong.
sr. member
Activity: 770
Merit: 250
Keep in mind that you need:

  • to send several mails (amount depends on the length of the key) to the victim which you know the content of, mainly because of the bandwidth of the used frequency.
  • a victim using an old GPG version (2.x is not affected)
  • to be able to get that close to your victim at the moment the prepared mails are encrypted
  • a victim using specific hardware (as far as I understood the paper not every CPU, board etc. is affected)

so keep your panties on and update GPG, which you should have done already anyway.

And which is also quite rare (clarifying number one on your list), the recipient has to have configured her system so that it automatically decrypts any received messages. But anyway, that was just a demonstration of the possibility of such things and a very neat one. Who knows what might be possible if government agencies point sufficient resources, probably a lot more. Remember how many cryptographers NSA has employed, many of them on par with Shamir et al.

That's one crazy attack! These hardware-based attacks are interesting to me.
member
Activity: 84
Merit: 10
they can listen in on your computer using the power supply, no internet connection needed, the power grid is the internet  Wink
global moderator
Activity: 3766
Merit: 2610
In a world of peaches, don't ask for apple sauce
Another encryption system cracked open, well, at least a bit. Undecided
full member
Activity: 289
Merit: 100
woah.. that is bananas
hero member
Activity: 658
Merit: 502
Doesn't use these forums that often.
Easy to stop, just do this in the background:
Code:
nice yes > /dev/null
(basically spams "y" to /dev/null)
copper member
Activity: 1498
Merit: 1499
No I don't escrow anymore.
Keep in mind that you need:

  • to send several mails (amount depends on the length of the key) to the victim which you know the content of, mainly because of the bandwidth of the used frequency.
  • a victim using an old GPG version (2.x is not affected)
  • to be able to get that close to your victim at the moment the prepared mails are encrypted
  • a victim using specific hardware (as far as I understood the paper not every CPU, board etc. is affected)

so keep your panties on and update GPG, which you should have done already anyway.
legendary
Activity: 1540
Merit: 1000
I'm not a hardware expert but haven't we known for years about this kind of thing? Not surprised somebody has found out how to work stuff out through the computer noises because you even can diagnose technical problems from the beeps that come from your motherboard when you turn on the computer. To get past this it should be just a matter of designing components so that they don't transmit noises like this anymore if you want to be really paranoid about hackers.

While it's certainly pretty cool I don't know if it's cause for panic Tongue
sr. member
Activity: 840
Merit: 255
SportsIcon - Connect With Your Sports Heroes
The PC BIOS has "spread spectrum" options to mitigate this kind of attack
sr. member
Activity: 364
Merit: 250
667 one more than the devil
You can easily get rid of the problem with multi core CPUs or some background CPU-intensive process.
I see it as an exploit that works only in laboratories.
hero member
Activity: 784
Merit: 500
I need to cut my micro chip from my motherboard with the sound card !!! Yes this is insane !
full member
Activity: 168
Merit: 100
That's absolutely insane... Yet cool at the same time!

Like others, I guess I'll be listening to some loud music from now on.
hero member
Activity: 1008
Merit: 514
Fascinating. I wonder how long until we see a phone app for this.
legendary
Activity: 1795
Merit: 1198
This is not OK.
Hmmmm... with CPUs pushing data through at gbps, I'm not so sure that the sound sampling is going to be quick enough.

Calling BS.