Monday, December 23, 2013

Acoustic cryptanalysis: breaking RSA key with a simple micro - Clubic

A team of security researchers recently received read data remotely listening to a computer, literally, with … a simple microphone.
Cryptanalyse acoustic RSA

Many are those who believe in the shelter when they turned off the Wi-Fi But with a new method of “acoustic cryptanalysis”, researchers do not even need access to a computer or data retrieve a decryption key RSA 4096 bits. Ironically we owe this discovery to one of the co-inventors of the RSA encryption algorithm, Adi Shamir, assisted by Daniel Genkin and Eran Tromer, University of Tel Aviv.

Study that they published last week, proves that you can literally listen to a computer using a current equipment. A computer generates all kinds of noise: the voltage regulator of the processor transmits a signal, in particular at high frequency (between 10 and 150 kHz), varying depending on the use the processor, which can detect with a microphone and that can translate into assembler instructions.

 Acoustic cryptanalysis RSA class=”mini griser”> Each signal corresponds to an assembler instruction, the low level language processors

The margin of error is such that it would be very difficult to follow all the operations of a real-time processor, but some operations, such as deciphering the different parts of a file are repeated enough to be the capture accurately in less than an hour.

researchers have succeeded using a parabolic microphone high quality up to a distance of 4 m, but also with the internal microphone placed a conventional phone 30 cm from the target computer. It is also possible by measuring the electrical potential across an Ethernet, USB or VGA port, or even through the user’s computer simply touch with bare hands.

The study only one of the locations of the RSA encryption, but it is possible to reproduce on the other. To guard there are at least two solutions: decrypt data in a remote location … or play a violin concerto simultaneously

 Acoustic cryptanalysis RSA

No comments:

Post a Comment