Watch Out When You Put Your Key in A Lock … Someone May Be Creating A Copy Of Your Key
I love side channels … leaking information through non-obvious sources such as from sound, electromagnetic signals and electrical noise. Now, researchers have should how it is possible to print a 3D for a lock based on listening to the pins falling within a lock [here]:
With this, the microphone picks up the click of the key going into the lock and listens to the pins falling for the ridges in the key, and then predicting the shape of the key:
An example of an amplified sound wave is here:
In the end, the analysis software (SpiKey) creates a shortlist of just three keys, and which can then be created as physical keys. Here is a live demo:
Cracking Keys through side-channels
The cracking of encryption keys has often involved brute force methods or targeting flaws in its implementation. There is, though, increasing interest in physical side-channel attacks where there is an unintentional information leakage of cryptography information, such as from electromagnetic radiation, power consumption, electric voltage fluctuations, and even sound and thermal variations. Few companies currently protect their devices against side-channel attacks, especially as it would prove costly, and require extensive testing with complex equipment.
Devices too are becoming faster, and, as they do, they are likely to emit an increasing amount of radio and electromagnetic (EM) emissions. A 2GHz processor, for example, is running at the same frequency as our wi-fi signals (2.4 GHz), and often the chips are not protected from emitting radio waves, and that is it a natural by-product of the fast operation of the device. As these high frequencies it is often difficult to stop EM emissions and from these being coupled into nearby wires and into other circuits.
There has been work on cracking the RSA algorithm with acoustic methods, along with electromagnetic and voltage variations. Recently researchers have taken a significant step forward in a paper entitled [here]:
ECDH Key-Extraction via Low-Bandwidth Electromagnetic Attacks on PCs
Within this paper, the authors outline the cracking of ECDH (Elliptic Curve Diffie-Hellman) which is one of the most popular key exchange methods and is often used when connecting to sites such as Microsoft Live, Google and Facebook.
In the work, they attack the ECDH public-key encryption algorithm and measure electromagnetic changes. It uses carefully chosen ciphertext, and a time-frequency signal analysis technique, in order to crack the key. This releases the decryption key within seconds, including from an antenna in another room.
ECDH is now a popular method and is basically the Diffie-Hellman key exchange method with the usage of elliptic curve methods.
The work of modulating the power rails on chips is well documented for discovering encryption keys, where the security and protection of the key are reduced. There has also been work on a “cold boot” where the memory chips are frozen, and which keep their bit states:
Differential Power analysis on SIM cards
So up to now, we all thought that SIM cards were secure from most types of attack. But Prof Yu-Yu from Shanghai Jiao Tong University has now shown that 3G/4G SIM cards, using 128-bit AES, can be hacked — so the nightmare of SIM card cloning could come true [paper].
The access to SIM encryption keys is a key focus for law enforcement, and it was highlighted earlier in the year when law enforcement agents were suspected of stealing the billions of encryption keys from Dutch SIM card manufacturer Gemalto. These keys would allow access to both the data and voice messages on the phones.
In his Black Hat USA 2015 presentation this week Prof Yu-Yu outlined how a differential power analysis method that recovers encryption keys from SIM cards and which allows them to be cloned. Overall it takes 10–40 minutes to recover the key, and his method has succeeded on eight of the most popular SIM card manufacturers.
He uses basically an oscilloscope to capture the power changes and a MP300-SC2 protocol analyser, along with a PC to analyse the cryptography (Figure 1). The work uses Differential Power Analysis (DPA). With Simple Power Analysis (SPA) we monitoring the power consumed by the processor, and this can give hints on the contents of its registers and data buses.
Figure 1: Prof Yu-Yu’s experimental setup
With DPA, the chips are given some tests for encryption, and then the power levels are observed for the chips, after which they are analysed to show a correlation of the bit patterns used (Figure 2). The differences in the encryption process are then used to crack the key. For example, we take some test data, and apply a range of keys to the device, and watch the power levels. Each of the power consumption levels will change depending on the activity within the chip.
Figure 2: Power analysis of the AES method
Why is this so interesting to us? Well, our research team … including Dr Owen Lo … have been investigating side-channel attacks on devices … and can crack 128-bit AES keys in less than 30 minutes, just by listening to the power supply …
and here’s a side-channel in RSA: