skip to main content
research-article
Free Access

Physical key extraction attacks on PCs

Published:23 May 2016Publication History
Skip Abstract Section

Abstract

Computers broadcast their secrets via inadvertent physical emanations that are easily measured and exploited.

References

  1. Agrawal, D., Archambeault, B., Rao, J.R., and Rohatgi, P. The EM side-channel(s). In Proceedings of the Workshop on Cryptographic Hardware and Embedded Systems (CHES 2002). Springer, 2002, 29--45. Google ScholarGoogle ScholarDigital LibraryDigital Library
  2. Anderson, R.J. Security Engineering: A Guide to Building Dependable Distributed Systems, Second Edition. Wiley, 2008. Google ScholarGoogle ScholarDigital LibraryDigital Library
  3. Asonov, D. and Agrawal, R. Keyboard acoustic emanations. In Proceedings of the IEEE Symposium on Security and Privacy. IEEE Computer Society Press, 2004, 3--11.Google ScholarGoogle ScholarCross RefCross Ref
  4. Backes, M., Dürmuth, M., Gerling, S., Pinkal, M., and Sporleder, C. Acoustic side-channel attacks on printers. In Proceedings of the USENIX Security Symposium 2010. USENIX Association, 2010, 307--322. Google ScholarGoogle ScholarDigital LibraryDigital Library
  5. Belgarric, P., Fouque, P.-A., Macario-Rat, G., and Tibouchi, M. Side-channel analysis of Weierstrass and Koblitz curve ECDSA on Android smartphones. In Proceedings of the Cryptographers' Track of the RSA Conference (CT-RSA 2016). Springer, 2016, 236--252.Google ScholarGoogle ScholarDigital LibraryDigital Library
  6. Bernstein, D.J. Cache-timing attacks on AES. 2005; http://cr.yp.to/papers.html#cachetimingGoogle ScholarGoogle Scholar
  7. Brouchier, J., Dabbous, N., Kean, T., Marsh, C., and Naccache, D. Thermocommunication. Cryptology ePrint Archive, Report 2009/002, 2009; https://eprint.iacr.org/2009/002Google ScholarGoogle Scholar
  8. Brumley, D. and Boneh, D. Remote timing attacks are practical. Computer Networks 48, 5 (Aug. 2005), 701--716. Google ScholarGoogle ScholarDigital LibraryDigital Library
  9. Clark, S.S., Mustafa, H.A., Ransford, B., Sorber, J., Fu, K., and Xu, W. Current events: Identifying webpages by tapping the electrical outlet. In Proceedings of the 18th European Symposium on Research in Computer Security (ESORICS 2013). Springer, Berlin, Heidelberg, 2013, 700--717.Google ScholarGoogle ScholarCross RefCross Ref
  10. Clark, S.S., Ransford, B., Rahmati, A., Guineau, S., Sorber, J., Xu, W., and Fu, K. WattsUpDoc: Power side channels to nonintrusively discover untargeted malware on embedded medical devices. In Proceedings of the USENIX Workshop on Health Information Technologies (HealthTech 2013). USENIX Association, 2013. Google ScholarGoogle ScholarDigital LibraryDigital Library
  11. Gandolfi, K., Mourtel, C., and Olivier, F. Electromagnetic analysis: Concrete results. In Proceedings of the Workshop on Cryptographic Hardware and Embedded Systems (CHES 2001). Springer, Berlin, Heidelberg, 2001, 251--261. Google ScholarGoogle ScholarDigital LibraryDigital Library
  12. Genkin, D., Pachmanov, L., Pipman, I., and Tromer, E. Stealing keys from PCs using a radio: Cheap electromagnetic attacks on windowed exponentiation. In Proceedings of the Workshop on Cryptographic Hardware and Embedded Systems (CHES 2015). Springer, 2015, 207--228.Google ScholarGoogle ScholarCross RefCross Ref
  13. Genkin, D., Pachmanov, L., Pipman, I., and Tromer, E. ECDH key-extraction via low-bandwidth electromagnetic attacks on PCs. In Proceedings of the Cryptographers' Track of the RSA Conference (CT-RSA 2016). Springer, 2016, 219--235.Google ScholarGoogle ScholarDigital LibraryDigital Library
  14. Genkin, D., Pachmanov, L., Pipman, I., Tromer, E., and Yarom, Y. ECDSA Key Extraction from Mobile Devices via Nonintrusive Physical Side Channels. Cryptology ePrint Archive, Report 2016/230, 2016; http://eprint.iacr.org/2016/230Google ScholarGoogle Scholar
  15. Genkin, E., Pipman, I., and Tromer, E. Get your hands off my laptop: Physical side-channel key-extraction attacks on PCs. In Proceedings of the Workshop on Cryptographic Hardware and Embedded Systems (CHES 2014). Springer, 2014, 242--260. Google ScholarGoogle ScholarDigital LibraryDigital Library
  16. Genkin, D., Shamir, A., and Tromer, E. RSA key extraction via low-bandwidth acoustic cryptanalysis. In Proceedings of the Annual Cryptology Conference (CRYPTO 2014). Springer, 2014, 444--461.Google ScholarGoogle ScholarCross RefCross Ref
  17. Kenworthy, G. and Rohatgi, P. Mobile device security: The case for side-channel resistance. In Proceedings of the Mobile Security Technologies Conference (MoST), 2012; http://mostconf.org/2012/papers/21.pdfGoogle ScholarGoogle Scholar
  18. Kocher, P., Jaffe, J., and Jun, B. Differential power analysis. In Proceedings of the Annual Cryptology Conference (CRYPTO 1999). Springer, 1999, 388--397. Google ScholarGoogle ScholarDigital LibraryDigital Library
  19. Kocher, P., Jaffe, J., Jun, B., and Rohatgi, P. Introduction to differential power analysis. Journal of Cryptographic Engineering 1, 1 (2011), 5--27.Google ScholarGoogle ScholarCross RefCross Ref
  20. Kocher, P.C. Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In Proceedings of the Annual Cryptology Conference (CRYPTO 1996). Springer, 1996, 104--113. Google ScholarGoogle ScholarDigital LibraryDigital Library
  21. Kuhn, M.G. Compromising Emanations: Eavesdropping Risks of Computer Displays. Ph.D. Thesis and Technical Report UCAM-CL-TR-577. University of Cambridge Computer Laboratory, Cambridge, U.K., Dec. 2003; https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-577.pdfGoogle ScholarGoogle Scholar
  22. Loughry, J. and Umphress, D.A. Information leakage from optical emanations. ACM Transactions on Information Systems Security 5, 3 (Aug. 2002), 262--289. Google ScholarGoogle ScholarDigital LibraryDigital Library
  23. Mangard, S., Oswald, E., and Popp, T. Power Analysis Attacks: Revealing the Secrets of Smart Cards. Springer, Berlin, Heidelberg, 2007. Google ScholarGoogle Scholar
  24. Nakano, Y., Souissi, Y., Nguyen, R., Sauvage, L., Danger, J., Guilley, S., Kiyomoto, S., and Miyake, Y. A pre-processing composition for secret key recovery on Android smartphones. In Proceedings of the International Workshop on Information Security Theory and Practice (WISTP 2014). Springer, Berlin, Heidelberg, 2014. Google ScholarGoogle ScholarDigital LibraryDigital Library
  25. Oren, Y. and Shamir, A. How not to protect PCs from power analysis. Presented at the Annual Cryptology Conference (CRYPTO 2006) rump session. 2006; http://iss.oy.ne.ro/HowNotToProtectPCsFromPowerAnalysisGoogle ScholarGoogle Scholar
  26. Osvik, D.A., Shamir, A., and Tromer, E. Cache attacks and countermeasures: The case of AES. In Proceedings of the Cryptographers' Track of the RSA Conference (CT-RSA 2006). Springer, 2006,1--20. Google ScholarGoogle ScholarDigital LibraryDigital Library
  27. Percival, C. Cache missing for fun and profit. In Proceedings of the BSDCan Conference, 2005; http://www.daemonology.net/hyperthreading-consideredharmfulGoogle ScholarGoogle Scholar
  28. Quisquater, J.-J. and Samyde, D. Electromagnetic analysis (EMA): Measures and countermeasures for smartcards. In Proceedings of the Smart Card Programming and Security: International Conference on Research in Smart Cards (E-smart 2001). Springer, 2001, 200--210. Google ScholarGoogle ScholarDigital LibraryDigital Library
  29. Skorobogatov, S. Optical Surveillance on Silicon Chips. University of Cambridge, Cambridge, U.K., 2009; http://www.cl.cam.ac.uk/~sps32/SG_talk_OSSC_a.pdfGoogle ScholarGoogle Scholar
  30. van Eck, W. Electromagnetic radiation from video display units: An eavesdropping risk? Computers and Security 4, 4 (Dec. 1985), 269--286. Google ScholarGoogle ScholarDigital LibraryDigital Library
  31. Wright, P. Spycatcher. Viking Penguin, New York, 1987.Google ScholarGoogle Scholar
  32. Yarom, Y. and Falkner, K. FLUSH+RELOAD: A high-resolution, low-noise, L3 cache side-channel attack. In Proceedings of the USENIX Security Symposium 2014. USENIX Association, 2014, 719--732. Google ScholarGoogle ScholarDigital LibraryDigital Library
  33. Yarom, Y., Liu, F., Ge, Q., Heiser, G., and Lee, R.B. Last-level cache side-channel attacks are practical. In Proceedings of the IEEE Symposium on Security and Privacy. IEEE Computer Society Press, 2015, 606--622. Google ScholarGoogle ScholarDigital LibraryDigital Library
  34. Yen, S.-M., Lien, W.-C., Moon, S.-J., and Ha, J. Power analysis by exploiting chosen message and internal collisions: Vulnerability of checking mechanism for RSA decryption. In Proceedings of the International Conference on Cryptology in Malaysia (Mycrypt 2005). Springer, 2005, 183--195. Google ScholarGoogle ScholarDigital LibraryDigital Library
  35. Zajic, A. and Prvulovic, M. Experimental demonstration of electromagnetic information leakage from modern processor-memory systems. IEEE Transactions on Electromagnetic Compatibility 56, 4 (Aug. 2014), 885--893.Google ScholarGoogle ScholarCross RefCross Ref

Index Terms

  1. Physical key extraction attacks on PCs

          Recommendations

          Comments

          Login options

          Check if you have access through your login credentials or your institution to get full access on this article.

          Sign in

          Full Access

          • Published in

            cover image Communications of the ACM
            Communications of the ACM  Volume 59, Issue 6
            June 2016
            106 pages
            ISSN:0001-0782
            EISSN:1557-7317
            DOI:10.1145/2942427
            • Editor:
            • Moshe Y. Vardi
            Issue’s Table of Contents

            Copyright © 2016 Owner/Author

            Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

            Publisher

            Association for Computing Machinery

            New York, NY, United States

            Publication History

            • Published: 23 May 2016

            Check for updates

            Qualifiers

            • research-article
            • Popular
            • Refereed

          PDF Format

          View or Download as a PDF file.

          PDF

          eReader

          View online with eReader.

          eReader

          HTML Format

          View this article in HTML Format .

          View HTML Format