Lock the safest code in the world by sound

Recently, researchers at Tel Aviv University and the Weizmann Institute of Science (Israel) have succeeded in deciphering one of the safest encryption algorithms currently RSA 4096 bits by using a microphone to listen. a computer when it decodes encrypted data. The attack of security experts is quite simple and can be done with rudimentary hardware.

Daniel Genkin, Adi Shamir (two co-founders of the RSA algorithm) and Eran Tromer used a technique called "side channel attack" to decode sound. A side channel is an intermediate, unusual and unsecured attack channel. It is conceivable as follows, on the phone, you set the number code to lock the device. If you give the phone to someone, you can't directly enter inside without a code. However, if they can guess the password by looking at the fingerprints, the stain on the screen to unlock it, this is a side channel. In this case, security researchers listened to high-frequency sounds (10 to 150 KHz) created by the computer when it decoded the data.

It sounds crazy but with the right hardware, this is entirely possible. To start, you need to know the exact audio frequency to listen and use the high / low frequency filters to ensure only the sound emitted from the computer when the CPU decodes the data. In fact, the audio signal is generated by the CPU regulator when it tries to maintain a constant voltage under various conditions of light handling. Then, once you have obtained the signal, you will decode the signal into meaningful information.

Image spectrum measures the sound frequency of various CPU operations recorded by Bruel & Kjaer 4939 microphone. The horizontal axis is the frequency (0 - 310kHz), the vertical axis is the time (3.7 seconds) and the density is proportional to the instantaneous energy level in the band.

Researchers have focused on a very specific encryption software called GnuPG 1.x (a free / open source version of PGP or Pretty Good Privacy - software that encrypts and decrypts secure data. PGP is often used for logging, encrypting and decrypting text, emails, files, folders and even drive partitions. PGP was created by Phil Zimmermann in 1991). With some clever decoding analysis, researchers were able to listen to signals leaked from the CPU when it was decoding data. Then they continue to listen to the audio stream to predict the decoding key. This attack method does not work on encryption systems or other encryption software. If they want to do it, they have to start over and listen to the whole leak sound again.

As a result of the attack, they succeeded in decrypting encryption keys over a 4m distance with a high-quality parabolic-shaped microphone. More attractive, they also sought to make an attack with a smartphone to 30cm away from the laptop. The team made attacks on many different laptops and desktops with many success levels. It is worth noting that the same type of electrical data can be predicted from a variety of sources - such as from the power jack on the wall, from the end of the Ethernet cable or simply touching the computer.

Basic setup with computer A is decoding and microphone B, other components can be hidden

In fact, decoding through audio signals is actually a potential danger. Think if you're decrypting some files on your computer while sitting in a library, café, or public place . someone can get your encryption key simply by setting their phone is near the computer you are using. In addition, an attacker can use audio signals to put malware on your phone to listen for encryption keys. With HTML5 and Flash code accessible to hardware like microphones, the attacker can fully develop a website to listen to encryption keys. Researchers even think of a more horrible scenario: Put a microphpne on a server - this server sits on a rack with other servers in a data center and the microphone will silently collect. Cross key encryption from hundreds of servers nearby.

If you want to ensure data is safe, there are only two options: 1 is extremely strong encryption, 2 is physical data protection or both solutions at the same time. If an attacker cannot physically access the data, it is more difficult to steal the encryption key. So, before potential audio attacks, you can use physical protection solutions such as placing laptops in sound isolation boxes, not letting anyone near the computer while decoding data or use high-frequency broadband audio sources high enough to cause interference.

Attacking the computer with sound is an issue that has been of concern in recent times. Last month, we learned about a malware called BadBiOS , which destroys cartilage and infects one computer to another.