Crypto Can Be Cracked ... Through Walls

Watch out for those side channels …

Prof Bill Buchanan OBE
The cracking of encryption keys has often involved brute-force methods or targeting flaws in the implementation. There is, though, increasing interest in physical side-channel attacks, where cryptographic information leaks unintentionally through electromagnetic radiation, power consumption, electric voltage fluctuations, and even sound and thermal variations. Few companies currently protect their devices against side-channel attacks, especially as doing so would prove costly and require extensive testing with complex equipment.

Devices, too, are becoming faster, and, as they do, they are likely to emit an increasing amount of radio and electromagnetic (EM) emissions. A 2 GHz processor, for example, runs at almost the same frequency as our Wi-Fi signals (2.4 GHz), and often the chips are not shielded against emitting radio waves; the emission is a natural by-product of the fast operation of the device. At these high frequencies it is difficult to stop EM emissions, and to stop them being coupled into nearby wires and other circuits.

Side-channel attacks

There has been work on cracking the RSA algorithm with acoustic methods, along with electromagnetic and voltage variations. Recently, researchers have taken a significant step forward in a paper entitled:

ECDH Key-Extraction via Low-Bandwidth Electromagnetic Attacks on PCs

Within this paper, the authors outline the cracking of ECDH (Elliptic Curve Diffie-Hellman), which is one of the most popular key exchange methods and is often used when connecting to sites such as Microsoft Live, Google and Facebook.

In the work, they attack ECDH public-key encryption by measuring the electromagnetic emanations of the target PC. The attack uses carefully chosen ciphertexts and a time-frequency signal-analysis technique to recover the key, and it extracts the decryption key within seconds, including from an antenna in another room.
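The reason such measurements reveal a key is that a scalar multiplication whose sequence of point doublings and additions depends on the secret bits turns every distinguishable operation into a key bit. The following is an added illustration of that leakage model and of its standard mitigation, a constant-time Montgomery ladder; it is not the paper's attack nor code from the post, and the tiny curve y^2 = x^3 + 2x + 3 over GF(97) with base point G = (3, 6) is constructed for illustration only.

```python
# Added illustration: a key-dependent doubling/addition pattern (the kind of
# thing an EM or power trace can distinguish) versus a uniform ladder.
# Toy curve y^2 = x^3 + 2x + 3 over GF(97), G = (3, 6): constructed, not real.
P_MOD, A = 97, 2
G = (3, 6)

def _inv(x):
    return pow(x % P_MOD, P_MOD - 2, P_MOD)

def add(P, Q):
    """Affine point addition; None is the point at infinity."""
    if P is None: return Q
    if Q is None: return P
    (x1, y1), (x2, y2) = P, Q
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return None                               # P == -Q
    if P == Q:
        lam = (3 * x1 * x1 + A) * _inv(2 * y1) % P_MOD
    else:
        lam = (y2 - y1) * _inv(x2 - x1) % P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    return (x3, (lam * (x1 - x3) - y1) % P_MOD)

def mul_double_and_add(k, P, trace):
    """Leaky: an 'A' follows a 'D' exactly when the key bit is 1, so an
    observer who can tell doublings from additions reads off the key."""
    R = None
    for bit in bin(k)[2:]:
        R = add(R, R); trace.append('D')
        if bit == '1':
            R = add(R, P); trace.append('A')
    return R

def mul_ladder(k, P, trace):
    """Montgomery ladder: one addition and one doubling per bit regardless
    of its value, so the operation sequence carries no key information."""
    R0, R1 = None, P
    for bit in bin(k)[2:]:
        if bit == '0':
            R1, R0 = add(R0, R1), add(R0, R0)
        else:
            R0, R1 = add(R0, R1), add(R1, R1)
        trace += ['A', 'D']
    return R0

def key_from_trace(trace):
    """What an observer of the leaky routine's D/A pattern learns: the key."""
    bits = ['1' if trace[i + 1:i + 2] == ['A'] else '0'
            for i, op in enumerate(trace) if op == 'D']
    return int(''.join(bits), 2) if bits else 0
```

Running both routines on the same scalar gives the same point, but only the double-and-add trace can be decoded back into the scalar; the ladder's trace is identical for every key of the same length.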
