Scientists hack a computer using just the sound of the CPU.

Compton_effect

Honorary Master
Joined
Sep 7, 2006
Messages
12,287
Reaction score
1,102
Location
Outer arm - Milky Way/Sagittarius Cluster
Researchers extract 4096-bit RSA decryption keys from laptop computers in under an hour using a mobile phone placed next to the computer.

RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis

Ok. I'm impressed.

Many computers emit a high-pitched noise during operation, due to vibration in some of their electronic components. These acoustic emanations are more than a nuisance: they can convey information about the software running on the computer, and in particular leak sensitive information about security-related computations. In a preliminary presentation, we have shown that different RSA keys induce different sound patterns, but it was not clear how to extract individual key bits. The main problem was that the acoustic side channel has a very low bandwidth (under 20 kHz using common microphones, and a few hundred kHz using ultrasound microphones), many orders of magnitude below the GHz-scale clock rates of the attacked computers.

Here, we describe a new acoustic cryptanalysis key extraction attack, applicable to GnuPG's current implementation of RSA. The attack can extract full 4096-bit RSA decryption keys from laptop computers (of various models), within an hour, using the sound generated by the computer during the decryption of some chosen ciphertexts. We experimentally demonstrate that such attacks can be carried out, using either a plain mobile phone placed next to the computer, or a more sensitive microphone placed 4 meters away.

Beyond acoustics, we demonstrate that a similar low-bandwidth attack can be performed by measuring the electric potential of a computer chassis. A suitably-equipped attacker need merely touch the target computer with his bare hand, or get the required leakage information from the ground wires at the remote end of VGA, USB or Ethernet cables.
 
Dammit and here I thought my linux iso's are safe in 4096 bit encryption.
 
We will control the horizontal. We will control the vertical. - seems like something from the twilight zone... haha
 
This is an article written by someone who took an academic paper but didn't quite understand what they were talking about.
There's a lot more to this, and I know because I read the paper back in '09 and we successfully got what we wanted in the lab.
If you want to know more, like the truth, PM me.. I don't talk about these things on public forums.

All I can say is, semiconductors, don't vibrate. Some do, but then we're talking about MEMS devices which are sensors.
 
This is an article written by someone who took an academic paper but didn't quite understand what they were talking about.
There's a lot more to this, and I know because I read the paper back in '09 and we successfully got what we wanted in the lab.
If you want to know more, like the truth, PM me.. I don't talk about these things on public forums.

All I can say is, semiconductors, don't vibrate. Some do, but then we're talking about MEMS devices which are sensors.

Aw spoilsport. Can't you imagine how the shows like Person of Interest will completely misinterpret this and use it as a gimmic?
 
All I can say is, semiconductors, don't vibrate. Some do, but then we're talking about MEMS devices which are sensors.
...except, it seems, this has nothing to to with the solid state microchips vibrating, and lots more to do with the voltage regulator circuitry:
In RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis, a paper by Daniel Genkin and Eran Tromer of Tel Aviv University and Adi Shamir, the authors show that a sensitive microphone (such as the one in a compromised mobile phone) can be used to infer a secret cryptographic key being used by a nearby computer. The computer's processor emits different quiet sounds ("coil whine...caused by voltage regulation circuits") as it performs cryptographic operations, and these sounds, properly analyzed, can reveal the key.

It's a pretty stunning attack, the sort of thing that sounds like science fiction. But the researchers are unimpeachable (Shamir is the "S" in RSA), and their paper is very clear.
Also, more (non) half-arsed info. :rolleyes:
 
Top
Sign up to the MyBroadband newsletter
X