Optical Cryptanalysis: Recovering Cryptographic Keys from Power LED Light Fluctuations

Ben Nassi; Ofek Vayner; Etay Iluz; Dudi Nassi; Jan Jancar; Daniel Genkin; Eran Tromer; Boris Zadov; Yuval Elovici

doi:10.1145/3576915.3616620

Optical Cryptanalysis: Recovering Cryptographic Keys from Power LED Light Fluctuations

Ben Nassi, Ofek Vayner, Etay Iluz, Dudi Nassi, Jan Jancar, Daniel Genkin, Eran Tromer, Boris Zadov, Yuval Elovici

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

3 Scopus citations

Abstract

Although power LEDs have been integrated in various devices that perform cryptographic operations for decades, the cryptanalysis risk they pose has not yet been investigated. In this paper, we present optical cryptanalysis, a new form of cryptanalytic side-channel attack, in which secret keys are extracted by using a photodiode to measure the light emitted by a device's power LED and analyzing subtle fluctuations in the light intensity during cryptographic operations. We analyze the optical leakage of power LEDs of various consumer devices and the factors that affect the optical SNR. We then demonstrate end-to-end optical cryptanalytic attacks against a range of consumer devices (smartphone, smartcard, and Raspberry Pi, along with their USB peripherals) and recover secret keys (RSA, ECDSA, SIKE) from prior and recent versions of popular cryptographic libraries (GnuPG, Libgcrypt, PQCrypto-SIDH) from a maximum distance of 25 meters.

Original language	English
Title of host publication	CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security
Publisher	Association for Computing Machinery, Inc
Pages	268-280
Number of pages	13
ISBN (Electronic)	9798400700507
DOIs	https://doi.org/10.1145/3576915.3616620
State	Published - 15 Nov 2023
Externally published	Yes
Event	30th ACM SIGSAC Conference on Computer and Communications Security, CCS 2023 - Copenhagen, Denmark Duration: 26 Nov 2023 → 30 Nov 2023

Publication series

Name	CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security

Conference

Conference	30th ACM SIGSAC Conference on Computer and Communications Security, CCS 2023
Country/Territory	Denmark
City	Copenhagen
Period	26/11/23 → 30/11/23

Funding

Funders	Funder number
Cisco and Qualcomm
U.S. Government
National Science Foundation	CNS-1954712
Air Force Office of Scientific Research	FA9550-20-1-0425
Defense Advanced Research Projects Agency	HR00112390029
Technion-Israel Institute of Technology

Keywords

Cryptanalysis
ECDSA
RSA
SIKE
Side-Channel Attack

Access to Document

10.1145/3576915.3616620

Cite this

Nassi, B., Vayner, O., Iluz, E., Nassi, D., Jancar, J., Genkin, D., Tromer, E., Zadov, B., & Elovici, Y. (2023). Optical Cryptanalysis: Recovering Cryptographic Keys from Power LED Light Fluctuations. In CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security (pp. 268-280). (CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security). Association for Computing Machinery, Inc. https://doi.org/10.1145/3576915.3616620

Nassi, Ben ; Vayner, Ofek ; Iluz, Etay et al. / Optical Cryptanalysis : Recovering Cryptographic Keys from Power LED Light Fluctuations. CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery, Inc, 2023. pp. 268-280 (CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security).

@inproceedings{42b31003838146cdb7aeb12b341e11a2,

title = "Optical Cryptanalysis: Recovering Cryptographic Keys from Power LED Light Fluctuations",

abstract = "Although power LEDs have been integrated in various devices that perform cryptographic operations for decades, the cryptanalysis risk they pose has not yet been investigated. In this paper, we present optical cryptanalysis, a new form of cryptanalytic side-channel attack, in which secret keys are extracted by using a photodiode to measure the light emitted by a device's power LED and analyzing subtle fluctuations in the light intensity during cryptographic operations. We analyze the optical leakage of power LEDs of various consumer devices and the factors that affect the optical SNR. We then demonstrate end-to-end optical cryptanalytic attacks against a range of consumer devices (smartphone, smartcard, and Raspberry Pi, along with their USB peripherals) and recover secret keys (RSA, ECDSA, SIKE) from prior and recent versions of popular cryptographic libraries (GnuPG, Libgcrypt, PQCrypto-SIDH) from a maximum distance of 25 meters.",

keywords = "Cryptanalysis, ECDSA, RSA, SIKE, Side-Channel Attack",

author = "Ben Nassi and Ofek Vayner and Etay Iluz and Dudi Nassi and Jan Jancar and Daniel Genkin and Eran Tromer and Boris Zadov and Yuval Elovici",

note = "Publisher Copyright: {\textcopyright} 2023 Copyright held by the owner/author(s). Publication rights licensed to ACM; 30th ACM SIGSAC Conference on Computer and Communications Security, CCS 2023 ; Conference date: 26-11-2023 Through 30-11-2023",

year = "2023",

month = nov,

day = "15",

doi = "10.1145/3576915.3616620",

language = "אנגלית",

series = "CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security",

publisher = "Association for Computing Machinery, Inc",

pages = "268--280",

booktitle = "CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security",

}

Nassi, B, Vayner, O, Iluz, E, Nassi, D, Jancar, J, Genkin, D, Tromer, E, Zadov, B & Elovici, Y 2023, Optical Cryptanalysis: Recovering Cryptographic Keys from Power LED Light Fluctuations. in CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security. CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, Association for Computing Machinery, Inc, pp. 268-280, 30th ACM SIGSAC Conference on Computer and Communications Security, CCS 2023, Copenhagen, Denmark, 26/11/23. https://doi.org/10.1145/3576915.3616620

Optical Cryptanalysis: Recovering Cryptographic Keys from Power LED Light Fluctuations. / Nassi, Ben; Vayner, Ofek; Iluz, Etay et al.
CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery, Inc, 2023. p. 268-280 (CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Optical Cryptanalysis

T2 - 30th ACM SIGSAC Conference on Computer and Communications Security, CCS 2023

AU - Nassi, Ben

AU - Vayner, Ofek

AU - Iluz, Etay

AU - Nassi, Dudi

AU - Jancar, Jan

AU - Genkin, Daniel

AU - Tromer, Eran

AU - Zadov, Boris

AU - Elovici, Yuval

PY - 2023/11/15

Y1 - 2023/11/15

N2 - Although power LEDs have been integrated in various devices that perform cryptographic operations for decades, the cryptanalysis risk they pose has not yet been investigated. In this paper, we present optical cryptanalysis, a new form of cryptanalytic side-channel attack, in which secret keys are extracted by using a photodiode to measure the light emitted by a device's power LED and analyzing subtle fluctuations in the light intensity during cryptographic operations. We analyze the optical leakage of power LEDs of various consumer devices and the factors that affect the optical SNR. We then demonstrate end-to-end optical cryptanalytic attacks against a range of consumer devices (smartphone, smartcard, and Raspberry Pi, along with their USB peripherals) and recover secret keys (RSA, ECDSA, SIKE) from prior and recent versions of popular cryptographic libraries (GnuPG, Libgcrypt, PQCrypto-SIDH) from a maximum distance of 25 meters.

AB - Although power LEDs have been integrated in various devices that perform cryptographic operations for decades, the cryptanalysis risk they pose has not yet been investigated. In this paper, we present optical cryptanalysis, a new form of cryptanalytic side-channel attack, in which secret keys are extracted by using a photodiode to measure the light emitted by a device's power LED and analyzing subtle fluctuations in the light intensity during cryptographic operations. We analyze the optical leakage of power LEDs of various consumer devices and the factors that affect the optical SNR. We then demonstrate end-to-end optical cryptanalytic attacks against a range of consumer devices (smartphone, smartcard, and Raspberry Pi, along with their USB peripherals) and recover secret keys (RSA, ECDSA, SIKE) from prior and recent versions of popular cryptographic libraries (GnuPG, Libgcrypt, PQCrypto-SIDH) from a maximum distance of 25 meters.

KW - Cryptanalysis

KW - ECDSA

KW - RSA

KW - SIKE

KW - Side-Channel Attack

UR - http://www.scopus.com/inward/record.url?scp=85179852242&partnerID=8YFLogxK

U2 - 10.1145/3576915.3616620

DO - 10.1145/3576915.3616620

M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???

AN - SCOPUS:85179852242

T3 - CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security

SP - 268

EP - 280

BT - CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security

PB - Association for Computing Machinery, Inc

Y2 - 26 November 2023 through 30 November 2023

ER -

Nassi B, Vayner O, Iluz E, Nassi D, Jancar J, Genkin D et al. Optical Cryptanalysis: Recovering Cryptographic Keys from Power LED Light Fluctuations. In CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery, Inc. 2023. p. 268-280. (CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security). doi: 10.1145/3576915.3616620

Optical Cryptanalysis: Recovering Cryptographic Keys from Power LED Light Fluctuations

Abstract

Publication series

Conference

Funding

Keywords

Access to Document

Other files and links

Fingerprint

Cite this