During the early days of safecracking, rudimentary rotary locks were compromised by feel or sound to determine the correct combination. Following in this tradition, a security researcher known as Plore recently demonstrated how side-channel attacks can be exploited to unlock “high security” electronic safes without leaving any evidence of unauthorized access.
A side-channel can perhaps best be defined as an unintentional channel – such as one created by power consumption or EM emissions – that provides information about the internal activity of a chip. These low-cost, non-invasive methods enable attackers to stealthily extract secret cryptographic keys used during normal device operations.
For the first side-channel hack, Plore targeted the Sargent and Greenleaf 6120, a lock developed in the 1990s which is still sold today. Essentially, Plore deduced the correct code by pressing random keys and monitoring the current the lock consumed in response.
“What you do is place the resistor in series with the battery and the lock,” Plore told Wired. “By monitoring voltage across that resistor we can learn how much current the lock is drawing at any particular time. And from that we learn something about the state of the lock.”
Indeed, the lock is programmed to cross-check the pressed keys against its stored code. During this process, the current on the data line fluctuates depending on whether each bit of the stored digits is a 0 or a 1. Put simply, the resulting trace effectively spells out each correct key (digit), allowing an attacker to line up all of the digits in sequence and enter them on the keypad to unlock the safe.
For his next hack, Plore took on a newer lock, the Sargent and Greenleaf Titan PivotBolt, with a side-channel timing attack that exploited an observable 28 microsecond delay in current consumption increase when a correct digit was selected.
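The digit-by-digit comparison behind both hacks above can be illustrated with a small simulation. This is an added example, not code from the article, from Plore, or from Sargent and Greenleaf: the six-digit code, the lock's comparison routine and the operation counter that stands in for a current or timing trace are all constructed. It shows why a comparison that stops at the first wrong digit leaks how many leading digits were correct through the amount of work it performs, and how a constant-time comparison (the standard mitigation, which Python's `hmac.compare_digest` implements for real code) removes that dependence.

```python
"""
Constructed simulation of a keypad lock's code check (added example, not
from the article). The WorkMeter counts per-digit operations; it stands in
for the current draw or timing delay an observer would record with a series
resistor. It is a teaching model, not a model of any specific lock.
"""
from __future__ import annotations

import hmac
from dataclasses import dataclass
from typing import Callable

# Constructed sample combination for the simulation; not a real lock's code.
STORED_CODE = "417290"


@dataclass
class WorkMeter:
    """Counts digit operations performed during one comparison."""
    ops: int = 0

    def touch(self) -> None:
        self.ops += 1


def leaky_compare(stored: str, guess: str, meter: WorkMeter) -> bool:
    """Early-exit check: stops at the first mismatching digit.

    The work done equals the number of digits examined, so the trace reveals
    how many leading digits of the guess were correct. This is the behaviour
    the article describes, reproduced here only to show the leak.
    """
    if len(stored) != len(guess):
        return False
    for s, g in zip(stored, guess):
        meter.touch()
        if s != g:
            return False
    return True


def constant_time_compare(stored: str, guess: str, meter: WorkMeter) -> bool:
    """Hardened check: touches every digit and never branches on secret data.

    Mismatches are accumulated with XOR/OR, so the work performed is the same
    for every guess of a given length and the trace carries no digit-by-digit
    information. A length mismatch is folded into the result the same way.
    """
    diff = len(stored) ^ len(guess)
    padded = guess.ljust(len(stored), "\0")  # keep the loop length fixed
    for s, g in zip(stored, padded):
        meter.touch()
        diff |= ord(s) ^ ord(g)
    return diff == 0


def trace(
    compare: Callable[[str, str, WorkMeter], bool], stored: str, guess: str
) -> tuple[bool, int]:
    """Run one comparison and return (accepted, operations observed)."""
    meter = WorkMeter()
    return compare(stored, guess, meter), meter.ops


def library_compare(stored: str, guess: str) -> bool:
    """What production code should use: the standard library's
    constant-time comparison rather than a hand-rolled loop."""
    return hmac.compare_digest(stored.encode(), guess.encode())


if __name__ == "__main__":
    guesses = ["000000", "400000", "410000", "417000", "417290", "41729"]
    print(f"{'guess':<8}{'leaky ops':>10}{'hardened ops':>14}")
    for g in guesses:
        _, leaky_ops = trace(leaky_compare, STORED_CODE, g)
        _, ct_ops = trace(constant_time_compare, STORED_CODE, g)
        print(f"{g:<8}{leaky_ops:>10}{ct_ops:>14}")
```

Running the script prints a table in which the leaky comparator's operation count climbs with each correct leading digit, while the hardened comparator reports the same count for every guess; the counter is the simulation's analogue of the 28 microsecond delay and the current fluctuations described above.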
“Burglars aren’t going to bother with this. They’re going to use a crowbar or a hydraulic jack from your garage or if they’re really fancy they’ll use a torch,” Plore told Wired. “I think the more interesting thing here is [these attacks] have applicability to other systems.”
As we’ve previously discussed on Rambus Press, many electronic devices that use cryptography are susceptible to side-channel attacks, including simple power analysis (SPA) and differential power analysis (DPA). For example, stolen cryptographic keys lifted from a smartphone can be used to serve up gigabytes of sensitive personal and corporate information, while inadvertently facilitating the unauthorized execution of multiple transactions.
In a broader sense, once the keys have been extracted, attackers can easily gain unauthorized access to a device, decrypt or forge messages, steal identities, clone devices, create false signatures and perform additional unauthorized transactions. To be sure, electronic circuits are inherently leaky, as they produce a variety of emissions as by-products that make it possible for an attacker to deduce how the circuit works and what data it is processing.
According to Asaf Ashkenazi, a senior director of product marketing at Rambus’ security division, multiple variants of side-channel attacks can effectively reveal a surprising amount of information – especially if such attacks are combined.
“[Nor] do hackers need expensive equipment to do this,” he told New Electronics earlier this month. “Pay a visit to the Dark Net and you can download the necessary software to carry out these attacks.”