pastebin - collaborative debugging tool
secsav.kpaste.net RSS


SDR_attack
Posted by Anonymous on Thu 5th Mar 2015 11:25
raw | new post

  1. Stealing Keys from PCs using a Radio:
  2. Cheap Electromagnetic Attacks on Windowed Exponentiation
  3.  
  4. http://www.cs.tau.ac.il/~tromer/radioexp/
  5.  
  6. "Overview
  7.  
  8. We demonstrate the extraction of secret decryption keys from laptop computers, by nonintrusively measuring electromagnetic emanations for a few seconds from a distance of 50 cm. The attack can be executed using cheap and readily-available equipment: a consumer-grade radio receiver or a Software Defined Radio USB dongle. The setup is compact and can operate untethered; it can be easily concealed, e.g., inside pita bread. Common laptops, and popular implementations of RSA and ElGamal encryptions, are vulnerable to this attack, including those that implement the decryption using modern exponentiation algorithms such as sliding-window, or even its side-channel resistant variant, fixed-window (m-ary) exponentiation.
  9.  
  10. We successfully extracted keys from laptops of various models running GnuPG (popular open source encryption software, implementing the OpenPGP standard), within a few seconds. The attack sends a few carefully-crafted ciphertexts, and when these are decrypted by the target computer, they trigger the occurrence of specially-structured values inside the decryption software. These special values cause observable fluctuations in the electromagnetic field surrounding the laptop, in a way that depends on the pattern of key bits (specifically, the key-bits window in the exponentiation routine). The secret key can be deduced from these fluctuations, through signal processing and cryptanalysis."
  11.  
  12. #########################################
  13.  
  14. Cryptology ePrint Archive: Report 2015/170
  15.  
  16. http://eprint.iacr.org/2015/170
  17.  
  18. "Stealing Keys from PCs using a Radio: Cheap Electromagnetic Attacks on Windowed Exponentiation
  19.  
  20. Daniel Genkin and Lev Pachmanov and Itamar Pipman and Eran Tromer
  21. Abstract: We present new side-channel attacks on RSA and ElGamal implementations that use the popular sliding-window or fixed-window (m-ary) modular exponentiation algorithms. The attacks can extract decryption keys using a very low measurement bandwidth (a frequency band of less than 100 kHz around a carrier under 2 MHz) even when attacking multi-GHz CPUs.
  22.  
  23. We demonstrate the attacks' feasibility by extracting keys from GnuPG, in a few seconds, using a nonintrusive measurement of electromagnetic emanations from laptop computers. The measurement equipment is cheap and compact, uses readily-available components (a Software Defined Radio USB dongle or a consumer-grade radio receiver), and can operate untethered while concealed, e.g., inside pita bread.
  24.  
  25. The attacks use a few non-adaptive chosen ciphertexts, crafted so that whenever the decryption routine encounters particular bit patterns in the secret key, intermediate values occur with a special structure that causes observable fluctuations in the electromagnetic field. Through suitable signal processing and cryptanalysis, the bit patterns and eventually the whole secret key are recovered.
  26.  
  27. Category / Keywords: side channel, electromagnetic analysis, RSA, ElGamal
  28.  
  29. Date: received 27 Feb 2015, last revised 3 Mar 2015
  30.  
  31. Contact author: tromer at cs tau ac il"
  32.  
  33. #########################################
  34. EOF

Submit a correction or amendment below (click here to make a fresh posting)
After submitting an amendment, you'll be able to view the differences between the old and new posts easily.

Syntax highlighting:

To highlight particular lines, prefix each line with {%HIGHLIGHT}




All content is user-submitted.
The administrators of this site (kpaste.net) are not responsible for their content.
Abuse reports should be emailed to us at