As it was noted by a known infosec expert Thomas Ptacek, the truth about modern real-world cryptography is that most of it is fatally broken. But this by no means implies that encryption is not useful. Quite the contrary, cryptography works well when it is very carefully implemented but the problem is that it is rarely the case.
Most cryptographic protocols used today are mathematically sound. Methods from complexity and information sciences let researchers prove that one algorithm or another is impossible to crack in a period of time that would be relevant to an attacker. As an example, the most widely used public-key encryption scheme called RSA relies on the prime factorization problem: given a large number, what are the two primes that give this number when multiplied?
If the number is big enough, the attacker may simply check all the possible prime pairs and eventually get the right numbers. But of what use is this technique if the results are going to show only after thousands of years? Hence, in such case it is said that key extraction, although possible in principle, is just implausible.
But the whole trouble about real-world crypto is that it is not going on in the abstract realm of mathematics. We need computers to generate random numbers. We also need them to compute other numbers from these numbers. Then we need them to store all this information securely, take it out when needed, transfer it throughout the network, and so on. Each of these steps opens up at least several possible points of failure which, if implemented improperly, can be fatal to secure communication.
But there are cases when even experts in cryptography are taken aback. Recently, three researchers at Tel Aviv university – Daniel Genkin, Itamar Pipman and Eran Tromer – managed to extract decryption keys simply by touching the chassis of a laptop. The same people have shown before that cryptographic keys can be extracted from sound that a computer emanates when it performs cryptographic computations.
The new method is based on an observed fact that laptop chassis potential fluctuates in a computationally dependent way. This means that if we measure how the potential changes when a computer performs some procedure, we can extract enough information about what is being computed.
To make the information precise, the signal should be amplified. But the surprising part is that there is no need to go into the internals of a laptop – it is enough to merely touch a USB slot or some other external metal based component with a wire attached to a voltage measuring device, and send this on to the amplifier. What is more, one can also simply touch the chassis with one’s hand and measure one’s body potential relatative to the ground potential of a room. Even this provides enough information about the secret keys.
The keys are extracted bit by bit, as it is roughly illustrated in the picture. There may be some interrupts that hide certain bits, but these can be recovered by repeating the measuring procedure. Even more precise measurement can be done when an attacker devises a special ciphertext for each separate bit of the decryption key.
Genkin, Pipman and Tromer tested their method on a popular encryption package called GnuPG. They could extract 4096-bit RSA and 3072-bit ElGamal (another widely used public-key encryption scheme) secret keys from the GnuPG implementations. GnuPG developers had been informed about the attack and have already patched the newer versions of their package by implementing software-based countermeasures against the attack.
This attack shows that there are countless possible angles of attack, especially in the genre of side-channel attacks where the internals of an algorithm are kept intact and all the relevant information is extracted from how computers go about performing the things software tells them to do.
Reference article: Daniel Genkin, Itamar Pipman and Eran Tromer Get Your Hands Off My Laptop: Physical Side-Channel Key-Extraction Attacks On PCs, source link.