Thursday, July 9, 2015

No One Is Safe: $300 Gadget Steals Encryption Keys out of the Air, and It’s Nearly Unstoppable

Just when you thought you were safe, a new hacking toy comes along and rocks your world. Imagine a tool exists that lets hackers pluck encryption keys from your laptop right out of the air. You can’t stop it by connecting to protected Wi-Fi networks or even disabling Wi-Fi completely. Turning off Bluetooth also won’t help you protect yourself.
Why? Because the tiny device that can easily be hidden in an object or taped to the underside of a table doesn’t use conventional communications to pull off capers. Instead it reads radio waves emitted by your computer’s processor, and there’s really nothing you can do to stop it.
Researchers at Tel Aviv University and another Israeli research center called Technion have created a terrifying new hacking tool that can steal encryption keys out of the air. The device, which is assembled using about $300 worth of parts that are widely available, is about the size of a piece of pita bread. Not by coincidence, the team is calling it PITA (Portable Instrument for Trace Acquisition).
Here’s how it works: the PITA consists of a bunch of off-the-shelf parts and it runs on four AA batteries. Using an antenna that can read electromagnetic waves emitted by computer processors from up to 19 inches away, the device can swipe RSA and ElGamal data and decrypt it. Stolen data is then stored locally on the device’s microSD card, or the PITA can transmit data over Wi-Fi to the attacker’s computer.
Here’s a deeper dive from the team’s paper:
So now you’re obviously wondering, “how can I block this crazy attack?” Bad news: You can’t.
“Physical mitigation techniques of electromagnetic radiation include Faraday cages,” the team wrote on its website. “However, inexpensive protection of consumer-grade PCs appears difficult. Alternatively, the cryptographic software can be changed, and algorithmic techniques employed to render the emanations less useful to the attacker. These techniques ensure that the rough-scale behavior of the algorithm is independent of the inputs it receives; they usually carry some performance penalty, but are often used in any case to thwart other side-channel attacks. This is what we helped implement in GnuPG.”
The team plans to present its creation at the Workshop on Cryptographic Hardware and Embedded Systems this coming September.
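
To make the researchers' algorithmic mitigation concrete, here is an added example (not from the paper and not GnuPG's code) that contrasts textbook square-and-multiply exponentiation with a variant whose operation sequence is the same for every exponent. The function names, the toy 32-bit modulus, the 16-bit exponents and the `trace` buffer standing in for what a coarse trace would show are all assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BITS 16  /* fixed exponent width: loop length never depends on the key */

/* Toy modulus (constructed, < 2^32 so products fit in uint64_t); not a real key size. */
static const uint64_t MOD = 4294967291ULL;

/* Textbook square-and-multiply: multiplies only on 1-bits, so the S/M
 * sequence (what a coarse EM trace would show) spells out the exponent. */
uint64_t modexp_leaky(uint64_t b, uint32_t e, char *trace) {
    uint64_t r = 1; size_t n = 0;
    b %= MOD;
    for (int i = BITS - 1; i >= 0; i--) {
        r = r * r % MOD;                      trace[n++] = 'S';
        if ((e >> i) & 1) { r = r * b % MOD;  trace[n++] = 'M'; }
    }
    trace[n] = '\0';
    return r;
}

/* Square-and-always-multiply: every bit costs one square and one multiply;
 * the product is kept or discarded with a mask instead of a branch. */
uint64_t modexp_fixed(uint64_t b, uint32_t e, char *trace) {
    uint64_t r = 1; size_t n = 0;
    b %= MOD;
    for (int i = BITS - 1; i >= 0; i--) {
        r = r * r % MOD;                      trace[n++] = 'S';
        uint64_t t = r * b % MOD;             trace[n++] = 'M';
        uint64_t mask = 0 - (uint64_t)((e >> i) & 1);  /* all ones if bit set */
        r = (t & mask) | (r & ~mask);
    }
    trace[n] = '\0';
    return r;
}

int main(void) {
    char t1[2 * BITS + 1], t2[2 * BITS + 1];
    uint32_t k1 = 0xB38D, k2 = 0x8001;        /* constructed sample exponents */
    modexp_leaky(7, k1, t1); modexp_leaky(7, k2, t2);
    printf("leaky k1: %s\nleaky k2: %s\n", t1, t2);
    modexp_fixed(7, k1, t1); modexp_fixed(7, k2, t2);
    printf("fixed k1: %s\nfixed k2: %s\n", t1, t2);
    return 0;
}
```

The extra multiply on every zero bit is the performance penalty the researchers mention. Production code also has to confirm that the compiler and the big-number library keep the masked selection branch-free.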
