Leaking crypto keys from mobile devices

Eugen Leitl eugen at leitl.org
Wed Oct 21 07:40:43 PDT 2009


http://news.cnet.com/8301-27080_3-10379115-245.html

October 20, 2009 1:33 PM PDT

Leaking crypto keys from mobile devices

by Elinor Mills

Security researchers have discovered a way to steal cryptographic keys that
are used to encrypt communications and authenticate users on mobile devices
by measuring the amount of electricity consumed or the radio frequency
emissions.

The attack, known as differential power analysis (DPA), can be used to target
an unsuspecting victim either by using special equipment that measures
electromagnetic signals emitted by chips inside the device or by attaching a
sensor to the device's power supply, Benjamin Jun, vice president of
technology at Cryptography Research, said on Tuesday. Cryptography Research
licenses technology that helps companies prevent fraud, piracy, and
counterfeiting.

An oscilloscope can then be used to capture the electrical signals or radio
frequency emissions and the data can be analyzed so that the spikes and bumps
correlate to specific activity around the cryptography, he said.

[Image caption: An oscilloscope and simple antenna can capture electromagnetic emissions from mobile devices. The large spikes correspond to secret keys used during cryptographic activity. (Credit: Cryptography Research)]

"While the chip performs cryptography it is massaging the secret key around
in various ways. This processing causes information about the key to leak
through the power consumption itself," said Jun.

For instance, someone with the proper equipment could steal the cryptographic
key from a device three feet away in a cafe in as short a time as a few
minutes, he said. An attacker could replicate the key with the information
and use it to read a victim's e-mail or pretend to be the user in sensitive
online transactions.

Smartphones and PDAs have been found to leak data unless they have
countermeasures in place to protect against it, which Cryptography Research
offers, according to Jun.

He would not say exactly which devices could be snooped on in this manner and
said he did not know of any attacks in the wild using this method.

"I think we're about to start seeing it on smartphones," he said. "These
attacks are not theoretical."

This type of attack first surfaced about 10 years ago on cash register
terminals and postage meters. Similar data leakage was found with smartIDs,
secure USB tokens, smart cards, and cable boxes, he said.

Countermeasures can involve randomizing to throw noise into the measurements
or changing the way the computation is done, Jun said.

Asked to comment on how threatening this type of attack could be,
cryptography expert Bruce Schneier said the basic question is who stands to
lose?

"Honestly, I don't care if someone hacks a cable box--it's not my money.
Similarly, I don't care how often a bank gets robbed as long as the bank
doesn't deduct the losses out of my personal account," he said in an e-mail.
"But if someone hacks my phone and either steals service that I am charged
for, or causes me enough hassle to change my phone number, that's bad."

Elinor Mills covers Internet security and privacy. She joined CNET News in
2005 after working as a foreign correspondent for Reuters in Portugal and
writing for The Industry Standard, the IDG News Service, and the Associated
Press.
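As an added illustration (not code from the article, CNET, or Cryptography Research) of the leakage Jun describes and of the two countermeasures he names, the block below simulates a fixed-vs-random leakage test (Welch's t-test, the usual first-order evaluation a defender runs on their own implementation) over constructed "power samples". It assumes a toy 4-bit keyed S-box lookup (PRESENT's S-box used only as a stand-in nonlinear step), a Hamming-weight-plus-noise leakage model, and a constructed key and fixed plaintext.

```python
import random
import statistics

# Toy target: a 4-bit S-box lookup keyed by XOR. PRESENT's S-box values are
# used only as a stand-in nonlinear step; the article names no cipher.
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
        0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]
KEY = 0xA          # constructed secret nibble
FIXED_PT = 0x9     # constructed fixed plaintext for the fixed-vs-random test


def hamming_weight(v):
    return bin(v).count("1")


def leak_sample(pt, rng, masked, noise_sigma):
    """One simulated power/EM sample taken while the S-box output is handled.

    Leakage model: Hamming weight of the processed value plus Gaussian noise.
    Unmasked: the device handles x = S(pt ^ KEY) directly, so the sample
    depends on the key. Masked ("changing the way the computation is done"):
    the device only ever handles x ^ m for a fresh random mask m, so no single
    sample depends on x. noise_sigma models the "randomizing" defence.
    """
    x = SBOX[pt ^ KEY]
    if masked:
        x ^= rng.randrange(16)
    return hamming_weight(x) + rng.gauss(0.0, noise_sigma)


def welch_t(a, b):
    """Welch's t-statistic between two sample sets (the TVLA leakage test)."""
    va, vb = statistics.variance(a), statistics.variance(b)
    diff = statistics.fmean(a) - statistics.fmean(b)
    return diff / ((va / len(a) + vb / len(b)) ** 0.5)


def leakage_t(n, masked=False, noise_sigma=1.0, seed=1):
    """Fixed-vs-random t-test: |t| above ~4.5 indicates first-order leakage."""
    rng = random.Random(seed)
    fixed = [leak_sample(FIXED_PT, rng, masked, noise_sigma) for _ in range(n)]
    rand = [leak_sample(rng.randrange(16), rng, masked, noise_sigma)
            for _ in range(n)]
    return welch_t(fixed, rand)


if __name__ == "__main__":
    print("unmasked         t = %.1f" % leakage_t(2000))
    print("unmasked, noisy  t = %.1f" % leakage_t(5000, noise_sigma=4.0))
    print("masked           t = %.1f" % leakage_t(2000, masked=True))
```

Added noise only shrinks the statistic (more traces restore it), whereas masking removes the first-order dependence on the key entirely.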
