TY - JOUR
T1 - Acoustic Cryptanalysis
AU - Genkin, Daniel
AU - Shamir, Adi
AU - Tromer, Eran
N1 - Publisher Copyright:
© 2016, International Association for Cryptologic Research.
PY - 2017/4/1
Y1 - 2017/4/1
N2 - Many computers emit a high-pitched noise during operation, due to vibration in some of their electronic components. These acoustic emanations are more than a nuisance: They can convey information about the software running on the computer and, in particular, leak sensitive information about security-related computations. In a preliminary presentation (Eurocrypt’04 rump session), we have shown that different RSA keys induce different sound patterns, but it was not clear how to extract individual key bits. The main problem was the very low bandwidth of the acoustic side channel (under 20 kHz using common microphones, and a few hundred kHz using ultrasound microphones), and several orders of magnitude below the GHz-scale clock rates of the attacked computers. In this paper, we describe a new acoustic cryptanalysis key extraction attack, applicable to GnuPG’s implementation of RSA. The attack can extract full 4096-bit RSA decryption keys from laptop computers (of various models), within an hour, using the sound generated by the computer during the decryption of some chosen ciphertexts. We experimentally demonstrate such attacks, using a plain mobile phone placed next to the computer, or a more sensitive microphone placed 10 meters away.
AB - Many computers emit a high-pitched noise during operation, due to vibration in some of their electronic components. These acoustic emanations are more than a nuisance: They can convey information about the software running on the computer and, in particular, leak sensitive information about security-related computations. In a preliminary presentation (Eurocrypt’04 rump session), we have shown that different RSA keys induce different sound patterns, but it was not clear how to extract individual key bits. The main problem was the very low bandwidth of the acoustic side channel (under 20 kHz using common microphones, and a few hundred kHz using ultrasound microphones), and several orders of magnitude below the GHz-scale clock rates of the attacked computers. In this paper, we describe a new acoustic cryptanalysis key extraction attack, applicable to GnuPG’s implementation of RSA. The attack can extract full 4096-bit RSA decryption keys from laptop computers (of various models), within an hour, using the sound generated by the computer during the decryption of some chosen ciphertexts. We experimentally demonstrate such attacks, using a plain mobile phone placed next to the computer, or a more sensitive microphone placed 10 meters away.
KW - Acoustic emanations
KW - Cryptanalysis
KW - RSA
KW - Side channel attacks
UR - http://www.scopus.com/inward/record.url?scp=84957689284&partnerID=8YFLogxK
U2 - 10.1007/s00145-015-9224-2
DO - 10.1007/s00145-015-9224-2
M3 - מאמר
AN - SCOPUS:84957689284
VL - 30
SP - 392
EP - 443
JO - Journal of Cryptology
JF - Journal of Cryptology
SN - 0933-2790
IS - 2
ER -