Radio emissions leak secret crypto-keys

This entry was posted on Thursday, June 25th, 2015.

A team of Tel Aviv University (TAU) researchers has demonstrated the successful extraction of secret decryption keys from laptop computers via the non-intrusive measurement of electromagnetic emanations from a distance of 50 centimeters and a total duration of just a few seconds.

According to an abstract cited by The Register’s John Leyden, such attacks can be executed using inexpensive and readily available equipment including consumer-grade radio receivers or software defined radio USB dongles.

“The setup is compact and can operate untethered; it can be easily concealed,” the researchers confirmed.


Image Credit: Tel Aviv University (TAU)

“Common laptops, and popular implementations of RSA and ElGamal encryptions, are vulnerable to this attack, including those that implement the decryption using modern exponentiation algorithms such as sliding-window, or even its side-channel resistant variant, fixed-window (m-ary) exponentiation.”

Indeed, the TAU team successfully extracted keys from laptops of various models running GnuPG, a popular open source encryption platform that implements the OpenPGP standard.

“The attack sends a few carefully-crafted ciphertexts. When these are decrypted by the target computer, they trigger the occurrence of specially-structured values inside the decryption software,” the researchers explained. “These special values cause observable fluctuations in the electromagnetic field surrounding the laptop, in a way that depends on the pattern of key bits (specifically, the key-bits window in the exponentiation routine). The secret key can be deduced from these fluctuations, through signal processing and cryptanalysis.”

Commenting on the above-mentioned report, Dr. Pankaj Rohatgi, Fellow, Hardware Security Solutions at the Cryptography Division of Rambus, confirmed that such attacks are quite feasible and affect a wide range of devices.

“As the Tel Aviv University researchers demonstrated, these attacks can be performed using low-cost equipment,” said Rohatgi. “We at the Cryptography Research Division of Rambus have been working with several forward-thinking customers to fix this problem at the source. Nevertheless, many in the broader industry still have the misconception that such attacks are difficult or costly to perform.”