Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT

Researchers Find New Fast-Acting Side-Channel Vulnerability

A group of researchers from Georgia Tech have discovered a method for pulling encryption keys from mobile devices without ever touching the phones, themselves.

Researchers at Georgia Tech have found a side-channel attack that delivers the encryption key for a mobile device's RSA implementation. Oh, and it gets the key without physical access to the device. And in a single transaction. The good news is that there are limits.

The team presented their paper, One&Done: A Single-Decryption EM-Based Attack on OpenSSL's Constant-Time Blinded RSA, at the USENIX Security Symposium on Aug. 16. In the paper, they describe a method of "listening" to the electromagnetic signals generated by a processor whenever it is working data. As they listen to signals, they can convert those back into their native bits and capture the encryption key (and, frankly, any other data they wish) the first time it's processed.

"This successfully gets the key in only one encryption or decryption so you don't have to wait a long time," says paper co-author Milos Prvulovic, professor of computer science at Georgia Tech. He explains that the attack, which uses a small antenna placed a few inches from the device, is different from most of the side-channel attacks seeking encryption keys.

"Most require the device to decrypt a specific, specially crafted message. Others look at very small differences in the signal and require a huge amount of data. Ours extracts the key directly from how the algorithm works," he says. To prove the concept, the team performed research on, "… two Android-based mobile phones and an embedded system board, all with ARM processors operating at high (800 MHz to 1.1 GHz) frequencies…" according to the paper.

In the past, the team notes, capturing the very low-power signals generated by the processors would have required advanced, expensive radio receivers. Now, the paper states, receiving the signal is, "…well within the signal capture capabilities of compact commercially available sub-$1,000 software-defined radio (SDR) receivers such as the Ettus B200-mini."

A remedy for the attack was proposed in the paper, and provided to RSA ahead of publication. The researchers were able to capture the encryption key, Prvulovic says, because, "The secret bits are examined by the program one at a time. So we were able to just read out the bits one at a time." In their remediation, the researchers changed the implementation to read bits in parallel, rather than serial, fashion, making successful decryption a far more difficult and compute-intensive process.

Prvulovic says that their modification to the program makes the algorithm resistant to this particular attack, but other side-channel attacks may still be effective. A more potent defense, he says, comes from adhering to basic mobile-device hygiene. "All of these require close proximity, so you don't put your phone down on a table at a coffee shop or airport and do banking," Prvulovic says. "If you're holding the phone in your hand, it's highly likely you're secure. If someone's sufficiently close with a briefcase, then think about what you're doing."

Related content:

Learn from the industry's most knowledgeable CISOs and IT security experts in a setting that is conducive to interaction and conversation. Early bird rate ends August 31. Click for more info

Curtis Franklin Jr. is Senior Editor at Dark Reading. In this role he focuses on product and technology coverage for the publication. In addition he works on audio and video programming for Dark Reading and contributes to activities at Interop ITX, Black Hat, INsecurity, and ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
A96.uk
100%
0%
A96.uk,
User Rank: Apprentice
8/28/2018 | 3:36:01 AM
Re: the security issues
You should tell people this is RSA in software on phones not hardware protected.

 

Your telling me RSA in hardware has been hacked!

 

Don't think so.....

 

Please do the same hack on SAML11 or 508a/608a protected hardware.

 

Everyone is living in the last millenia, in my books.

 

We don't use software security unless we are IDIOT's
A96.uk
100%
0%
A96.uk,
User Rank: Apprentice
8/28/2018 | 3:33:17 AM
Re: the security issues
I think the story should say the security is implimented in software!

 

Try this attack with U2F or 508a/608a hardware tamper resistant!

 

Lol so funny people still thinking RSA in software is safe.
evana112
0%
100%
evana112,
User Rank: Apprentice
8/20/2018 | 7:36:53 PM
the security issues
here I get some important ideas about the side channel vulnerabilities. this vulnerability can hamper the work. I have visited mcafee support. keep sharing this type of useful ideas. I get some important ideas about the security surveillance also.
News
FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark Reading,  4/28/2021
Slideshows
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer,  4/30/2021
Commentary
How to Secure Employees' Home Wi-Fi Networks
Bert Kashyap, CEO and Co-Founder at SecureW2,  4/28/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-22675
PUBLISHED: 2021-05-07
The affected product is vulnerable to integer overflow while parsing malformed over-the-air firmware update files, which may allow an attacker to remotely execute code on SimpleLink Wi-Fi (MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 and prior, CC13X0 SDK versions prior to v4.10.03, C...
CVE-2021-22679
PUBLISHED: 2021-05-07
The affected product is vulnerable to an integer overflow while processing HTTP headers, which may allow an attacker to remotely execute code on the SimpleLink Wi-Fi (MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 and prior, CC13X0 SDK versions prior to v4.10.03, CC13X2 and CC26XX SDK v...
CVE-2020-14009
PUBLISHED: 2021-05-07
Proofpoint Enterprise Protection (PPS/PoD) before 8.17.0 contains a vulnerability that could allow an attacker to deliver an email message with a malicious attachment that bypasses scanning and file-blocking rules. The vulnerability exists because messages with certain crafted and malformed multipar...
CVE-2021-21984
PUBLISHED: 2021-05-07
VMware vRealize Business for Cloud 7.x prior to 7.6.0 contains a remote code execution vulnerability due to an unauthorised end point. A malicious actor with network access may exploit this issue causing unauthorised remote code execution on vRealize Business for Cloud Virtual Appliance.
CVE-2021-26122
PUBLISHED: 2021-05-07
LivingLogic XIST4C before 0.107.8 allows XSS via feedback.htm or feedback.wihtm.