Many computers emit a high-pitched noise during operation, due to vibration in some of their electronic components. These acoustic emanations are more than a nuisance: they can convey information about the software running on the computer, and in particular leak sensitive information about security-related computations. In a preliminary presentation (Eurocrypt'04 rump session), we have shown that different RSA keys induce different sound patterns, but it was not clear how to extract individual key bits. The main problem was that the acoustic side channel has a very low bandwidth (under 20 kHz using common microphones, and a few hundred kHz using ultrasound microphones), many orders of magnitude below the GHz-scale clock rates of the attacked computers.
In this paper we describe a new acoustic cryptanalysis key extraction attack, applicable to GnuPG's current implementation of RSA. The attack can extract full 4096-bit RSA decryption keys from laptop computers (of various models), within an hour, using the sound generated by the computer during the decryption of some chosen ciphertexts. We experimentally demonstrate that such attacks can be carried out, using either a plain mobile phone placed next to the computer, or a more sensitive microphone placed 4 meters away.
Beyond acoustics, we demonstrate that a similar low-bandwidth attack can be performed by measuring the electric potential of a computer chassis. A suitably-equipped attacker need merely touch the target computer with his bare hand, or get the required leakage information from the ground wires at the remote end of VGA, USB or Ethernet cables.
Cryptanalytic side-channel attacks target implementations of cryptographic algorithms which, while perhaps secure at the mathematical level, inadvertently leak secret information through indirect channels: variations in power consumption, electromagnetic emanations, timing variations, contention for CPU resources such as caches, and so forth (see [And08] for a survey). Acoustic emanations, i.e., the noise generated by computers, are one such potential channel. Eavesdropping on keyboards and printers has been well-demonstrated [AA04, ZZT05, BDG+10]. Mechanical noise from fans and storage devices such as hard disks are obviously indicative of system activity, but seem to carry very coarse information that is apparently of little use for cryptanalysis.
We focus on a different source of computer noise: vibration of electronic components in the computer, sometimes heard as a faint high-pitched tone or hiss (commonly called "coil whine", though often generated by capacitors). These acoustic emanations, typically caused by voltage regulation circuits, are correlated with system activity since CPUs drastically change their power draw according to the type of operations they perform. However, the bandwidth of these signals is very low: up to 20 kHz for audible signals and commodity microphones, and up to a few hundred kHz using ultrasound microphones. (Beyond these frequencies, air attenuation and reduced microphone sensitivity render the signals undetectable.) |1| Cryptanalytic side-channel attacks typically require measurements with temporal resolution similar to the time scale of the target operation, but here the target cryptographic computation is many orders of magnitude faster (at the GHz scale), so we have no hope of observing individual operations. Moreover, the acoustic signals of interest are very faint. Indeed, a recent survey on side channels surmised that while "acoustic effects have been suggested as possible side channels |2|, the quality of the resulting measurements is likely to be low" [KJJR11].
Acoustic cryptanalysis. We show that, despite these difficulties, full key recovery via acoustic cryptanalysis is quite feasible on common software and hardware. As a study case, we focus on the GnuPG (GNU Privacy Guard) [Gnu], a popular, cross-platform, open-source implementation of the OpenPGP standard [CDF+07]. We observe that GnuPG's RSA signing (or decryption) operations are readily identified by their acoustic frequency spectrum. Moreover, the spectrum is often key-dependent, so that secret keys can be distinguished by the sound made when they are used. The same applies to ElGamal decryption. We devise and demonstrate a key extraction attack that can reveal 4096-bit RSA secret keys when used by GnuPG running on a laptop computer, within an hour, by analyzing the sound generated by the computer during decryption of chosen ciphertexts. We demonstrate the attack on various targets and by various methods, including the internal microphone of a plain mobile phone placed next to the computer, and using a sensitive microphone from a distance of 4 meters.
In a nutshell, the key extraction attack relies on crafting chosen ciphertexts that cause numerical cancellations deep inside GnuPG's modular exponentiation algorithm. This causes the special value zero to appear frequently in the innermost loop of the algorithm, where it affects control flow. A single iteration of that loop is much too fast for direct acoustic observation, but the effect is repeated and amplified over many thousands of iterations, resulting in a gross leakage effect that is discernible in the acoustic spectrum over hundreds of milliseconds.
Low-bandwidth power and voltage analysis. With this technique for inducing robust low-bandwidth signals, we revisit other channels and observe that similar leakage can often be induced, acquired, and exploited. For example, in many computers the "ground" potential fluctuates (even when connected to a grounded power supply) and leaks the requisite signal; this can be measured by touching exposed metal on the computer's chassis, or at the remote end of VGA, USB and Ethernet cables. We can also acquire and exploit these low-frequency signals by power analysis, using measurement of the power supply current, even if the clockrate-scale high frequencies (needed for standard power analysis) have been filtered out.
Chosen-ciphertext channel by e-mail. The key extraction attack requires decryption of ciphertexts adaptively chosen by the attacker. Prior works requiring chosen plaintext or ciphertext typically attacked network protocols such as SSL/TLS [BB05] or WEP [BGW01, BHL06], or used direct access to a protected device's input. To apply the attack to GnuPG, we identified and exploited a new chosen-ciphertext attack vector: OpenPGP encrypted e-mail messages. We specifically targeted Enigmail, a popular plugin to the Thunderbird e-mail client that enables transparent signing and encryption of email messages using GnuPG, following the OpenPGP [CDF+07] and PGP/MIME [ETLR01] standards. Enigmail automatically decrypts incoming e-mail (for notification purposes), as long as the GnuPG passphrase is cached or empty. In this case, an attacker can e-mail suitably-crafted messages to the victims, wait until they reach the target computer, and observe the acoustic signature of their decryption, thereby closing the adaptive attack loop.
No comments:
Post a Comment