in a serving of pitta bread
Secret encryption keys can be stolen using a
cheap gadget so small it could be concealed
inside some pitta bread.
Israeli security researchers have demonstrated
how to capture radio emissions given off by
laptops that inadvertently leak data about the
keys.
Before now, grabbing the radio signals was
thought to require expensive, bulky equipment.
But the four-strong team managed it with
cheap components small enough to conceal
inside a piece of pocket bread.
'Not impressed'
The attack, developed by Daniel Genkin and
colleagues from Tel Aviv University, monitors
the radio signals given off by laptops when
their central processing unit is crunching data.
The team discovered that many different
operations in a computer, such as playing a
game or decrypting a file, had a characteristic
pattern of radio activity.
The differing power demands a CPU made as it
worked gave rise to these telltale signals, said
the group in a paper detailing their work .
By monitoring these signals when the
computer was decrypting a specific email
message sent to it by an attacker, it became
possible to work out the key being used to
secure data, they said.
After demonstrating that the attack worked in
the lab, the group created a mobile version
they dubbed the Portable Instrument for Trace
Acquisition (Pita), which they managed to
conceal inside a piece of pocket bread.
The attack had been demonstrated to work
from a distance of about 50cm (1ft 8in), said
the researchers.
Using their technique, the researchers were
able to grab keys used in several widely used
encryption programs and algorithms to protect
data.
Such attacks were well established, Steve
Armstrong, managing director of Logically
Secure, told tech news site The Register.
"If they can do it at 10m (32ft) in a different
room, I would be impressed. If the device
needs to be within 20cm, I am not," he said.
The team plan to present their work at a
technical conference on cryptographic
hardware in September.
No comments:
Post a Comment