Security researchers have discovered a novel method for obtaining the private keys used in cryptographic applications: simply touching a computer with their bare hand.
A team of researchers at Tel Aviv University, led by Eran Tromer, demonstrated the attacker earlier this week at a security conference in California ahead of their paper's formal presentation. According to MIT's Technology Review
, the technique works through measuring fluctuations in the ground potential of a targeted computer to recreate the private cryptographic key used for decryption operations. The best way to measure the ground signal isn't exactly subtle: placing a wire against a metal part of the computer's chassis. More suitable for spy-craft is the discovery that a bare hand, preferably slightly clammy, can act as a go-between for the wire - allowing an attacker to casually lean against a system and potentially capture keys. It's also possible to use the ground connection on the far end of a USB, VGA or Ethernet cable, while Tromer even claims that wireless monitoring is possible, using sensitive signal analysers.
'Through suitable cryptanalysis and signal processing, we have extracted 4096-bit RSA keys and 3072-bit ElGamal keys from laptops, via each of these channels, as well as via power analysis and electromagnetic probing,
' Tromer writes on his university webpage
. 'Despite the GHz-scale clock rate of the laptops and numerous noise sources, the full attacks require a few seconds of measurements using Medium Frequency signals (around 2 MHz), or one hour using Low Frequency signals (up to 40 kHz).
Tromer's team also addressed the use of electromagnetic field (EMF) emanations, a variant on the US military's classic TEMPEST technique, and extracting the cryptographic secrets by measuring the fluctuating power draw of a target system - a technique that works, he claims, 'even though PCs use complex switching power supplies, which partially decouple the power source from the CPU load, and moreover employ large capacitors, chokes, and shields for electromagnetic compatibility (EMC) compliance — all of which attenuate and disrupt the signals sought in traditional power analysis.
For those concerned about their security, the fact that each of Tromer's attacks requires that the attacker is within a very short range of a target system - or the end-point of a connected cable - should be reassuring. Those wanting more details can read the extended paper