Schneier on Security
A blog covering security and security technology.
December 19, 2013
This is neat:
Here, we describe a new acoustic cryptanalysis key extraction attack, applicable to GnuPG's current implementation of RSA. The attack can extract full 4096-bit RSA decryption keys from laptop computers (of various models), within an hour, using the sound generated by the computer during the decryption of some chosen ciphertexts. We experimentally demonstrate that such attacks can be carried out, using either a plain mobile phone placed next to the computer, or a more sensitive microphone placed 4 meters away.
Beyond acoustics, we demonstrate that a similar low-bandwidth attack can be performed by measuring the electric potential of a computer chassis. A suitably-equipped attacker need merely touch the target computer with his bare hand, or get the required leakage information from the ground wires at the remote end of VGA, USB or Ethernet cables.
Posted on December 19, 2013 at 6:29 AM
Therefore, never use GnuPG on a networked machine, make sure you physically secure your device and, as always, if you really care, you'll take the battery out of your phone.
In other words, you can always find a covert channel with enough bandwidth to transmit an arbitrary number of keys, assuming you can get some sort of keylogger/keyfinder on the target. Scary.
Somehow I don't think there is any size key that would be immune to such attacks (and especially not less safe from other attacks).
Crap. Even tinfoil hats won't help us now.
Ok, way beyond my comprehension this early in the morning but I agree with wumpus...Scary.
Call me skeptical, but I think that this research paper is an April 1st joke ahead of its time - regardless of the big names who authored it.
I bet that nobody would be able to independently corroborate the reported findings.
I don't know much about crypto stuff, but I do know a bit about passive electronic components and acoustic vibrations.
To correlate vibrations induced in ceramic capacitors and chip inductors by current pulses due to crypto operations in a power supply is science fiction:
1. There are fairly big electrolytic / polymer capacitors which provide current to spiked demand from the CPU et al. The ceramics / inductors demands are not that synchronized to CPU demands.
2. There are so many background operations in a PC due to OS operations, making it extremely difficult to discern CPU-specific crypto ops.
3. The hard disk, graphics card and other parasitics will mask CPU-only current demands. The decoupling of the PDN (Power Distribution Network) assigned to the CPU is not totally decoupled from the rest of the sub-systems.
4. A smartphone mic pickup? Give me a break. You need a very expensive audio pick-up to sense anything from a component vibration, and I even doubt that the parabolic contraption with the expensive mike there would pick up anything from 2-4 metres away.
I simply don't buy this.
@ Jacog: I agree. This is just more FUD for influence, intimidation, and control. Someone wants to make you afraid so you will pay them for something to allay your fears (and be grateful).
To further my skepticism:
From an Engineering Note by Nippon Chemi-Con, one of the big names in capacitors:
When a large high-frequency ripple current crosses a multilayer ceramic capacitor, the capacitor can vibrate. The phenomenon occurs as the capacitor has a natural vibration frequency due to its mechanical dimensions, and resonates to the large high-frequency ripple current.
To prevent the resonance, please select the capacitor or change the ripple current frequency.
For your information, we indicate the following resonance frequency to each chip size:
0805: 900/1500/1800 kHz
1206: 600/1200/1600 kHz
Smaller chips, like 0603 and 0402 which are also commonly used in PS, have much higher resonance frequency.
Nobody will sense those ultrasound waves at the megahertz range with a smartphone. Just can't be done.
If you had read the FAQ page, you would have learned that the authors did not measure sound in the MHz range, but around 10 kHz, which is perfectly reasonable with a cell phone.
And if you google "laptop high pitch noise" you will find that a lot of laptops generate audible component vibrations.
Shamir -- of RSA repute is on the paper. If he says it's so, I believe it.
Like most side channel attacks, this requires that Alice persuade the target to decrypt a significant number of specially selected plaintexts.
Still, a neat bit of research.
The paper was also dated 2004, but never released due to the time it took for GnuPG to find a solution that worked. 9 years...
Funny how a lot of people often voice a knee-jerk "skeptical" reaction without actually reading the publication :)
That's not "skeptical", that's "believer" with a negative sign!
If one would care to read the paper, one would find that this is a timing attack, with a clever side channel (acoustic) to access the timing data. Rest assured, they don't magically "hear the bits flying along the bus". Read the paper, it's an interesting read.
Ubuntu Linux just put out a security patch to GNU Privacy Guard to address this attack. So I don't think it is FUD or an April Fool's joke.
Why so long? I find it hard to believe the developers of GnuPG would not be motivated to find a solution to this. Is there any way to find out when they were notified? Is this a case where responsible disclosure succeeded after 9 years? That's still a fail imo.
According to Q16 in their FAQ, there's also a lot of improvements in the attack itself since 2004 (including full key extraction).
Of course Bruce Schneier can read the key just by touching the computer. No equipment needed.
Ceramic caps, which are what the paper claims to sense (in addition to inductors), vibrate at their natural frequency, which is in the MHz range. If they sense vibes in the audible range, it is not from these components.
I don't doubt that there is a "laptop high pitch noise" - I myself was annoyed many times in the far past by the 15-18 kHz noise emanating from CRT-based equipment - but I doubt that this noise comes from the small SMD comps - maybe from some other large components, e.g. connectors/sockets/toroids or support structure like the PCB etc.
@q - I never implied that they listen to the bits. However, for side-channel timing attack based on sound emanating from small caps/ inductors in the CPU PDN - I have my serious doubts.
By the way, this is very easy to test: take an SSD/flash-based computer, no fan operating for the duration of the test, stick a good mike inside, and see if you can hear at all any of the various OS operations. Run a heavy math routine - can you tell from the mike output when it stops? I bet you would not hear a thing.
Er.... 'Preliminary results were announced in the Eurocrypt 2004 rump session presentation titled "Acoustic cryptanalysis: on nosy people and noisy machines"'
@John "never released... nine years" does not sound accurate.
@A - The new fashionable tinfoil hat will feature acoustic insulation, as well.
And this is why it's naive to just "trust the math."
Seems to me that if this works, it should be easy to prevent by a multitasking processor running some heavy random calculations to compromise the pure calculation noise signals they claim they're receiving. There would be no way to separate the signal from the noise.
I can hear my fanless SSD nettop making intermittent sounds in the quiet of the night, so much that I began to avoid leaving it on as it annoys me. Admittedly, I didn't think to try discerning what it's doing by its noise, but my built-in natural frequency analyzer is quite poor :)
According to the paper, multitasking actually *helps* the capture by lowering the frequencies of the interesting signal, and they are able to distinguish spectral fingerprints of GPG vs. other apps.
Of course currently it's a "lab only" attack, but they get better...
First, peer review. I don't get too worked up when papers like this come in. I take it seriously but I don't get excited. How does Bruce put it? Be professionally paranoid.
Use crypto. Without it you're completely defenseless.
A big problem is system security. Know your hardware. Strip it down if you have to. Know your software. Open source is the only way to go.
Mobile phones are a complete wreck as far as security. I would love to get rid of mine. I'm actually happier without a mobile phone. That being said, these phones need to be locked down considerably.
Hard to take seriously a paper about SCIF with pub date on the front page "Nov 2014" :-)
What about the chips in the mobile phone that supposedly is doing the detecting and recording (or live analysis)? They make noise too. Doesn't that phone mic get confused by that also? And, where one has a computer, there are disk drives (internal & external), routers, sound cards & speaker systems, cable/DSL modems, printers, network switches, plus interruptable power supplies along with other phones (cell & otherwise) etc. That would be one hell of a cell phone with high quality mic to pick up and filter out all of that stray noise and still achieve the intended objective.
Doubtful...and probably worrisome only in select areas. FUD for all practical purposes.
The whole point IMO is simply that a usable side channel exists given chosen, iterative ciphertext. RSA blinding eliminates the side channel. GPG2 uses a library that implements RSA blinding. There are probably zero production installations of GPG1 that operate in the manner required by this paper to exploit the side channel. The vulnerability is academic. With nobody at risk, the term "FUD" doesn't exactly apply.
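To make the blinding point concrete, here is an added example (not GnuPG's or libgcrypt's code) using textbook RSA with constructed small primes: it shows that without blinding the value raised to the private exponent is the attacker's chosen ciphertext on every call, whereas with blinding it is a fresh random value each time, while the recovered plaintext is unchanged.

```python
"""RSA blinding as a countermeasure to chosen-ciphertext side channels.

Added illustration, not GnuPG or libgcrypt code. Textbook RSA with
deliberately small, hard-coded primes (constructed for this example) so it
runs instantly and offline; a real deployment uses 2048-bit+ moduli.
"""
import secrets
from math import gcd
from typing import Callable, List, Optional

# Constructed toy key. NOT secure, illustration only.
P, Q = 1000003, 1000033
N = P * Q
E = 65537
PHI = (P - 1) * (Q - 1)
D = pow(E, -1, PHI)  # private exponent (modular inverse, Python 3.8+)


def encrypt(m: int) -> int:
    return pow(m, E, N)


def decrypt_unblinded(c: int, trace: Optional[List[int]] = None) -> int:
    """Straight c^d mod n.

    The operand of the secret-exponent step is the attacker's chosen
    ciphertext itself, identical on every call, so any leakage (timing,
    power, acoustics) can be averaged over repeated decryptions.
    """
    if trace is not None:
        trace.append(c)
    return pow(c, D, N)


def decrypt_blinded(c: int, trace: Optional[List[int]] = None) -> int:
    """RSA blinding: exponentiate r^e * c instead of c, then strip r.

    (r^e * c)^d = r * c^d (mod n), so multiplying by r^-1 recovers m.
    The operand fed to the secret-exponent step is now uniformly random
    per call, even for a fixed attacker-chosen c.
    """
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:  # r must be invertible mod n
            break
    c_blind = (pow(r, E, N) * c) % N
    if trace is not None:
        trace.append(c_blind)
    m_blind = pow(c_blind, D, N)
    return (m_blind * pow(r, -1, N)) % N


def operand_repeats(decrypt: Callable[..., int], c: int, rounds: int = 5) -> bool:
    """Decrypt the same ciphertext `rounds` times and report whether the
    value actually raised to d was identical every time."""
    trace: List[int] = []
    for _ in range(rounds):
        decrypt(c, trace)
    return len(set(trace)) == 1


if __name__ == "__main__":
    m = 123456789  # constructed plaintext (in practice a wrapped session key)
    c = encrypt(m)
    assert decrypt_unblinded(c) == m and decrypt_blinded(c) == m
    print("unblinded: operand repeats across calls?", operand_repeats(decrypt_unblinded, c))
    print("blinded:   operand repeats across calls?", operand_repeats(decrypt_blinded, c))
```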
Belt, meet suspenders.
Having spent a lot of my life listening to computers, I'd say this is a plausible attack vector, though I am surprised that it proved computationally feasible.
Note that there are a lot of moving parts to using it successfully, including being able to get the victim to decrypt a suitable known plaintext while their system is being monitored.
The concept of using acoustic characteristics as a side channel attack is nothing new... What is interesting to me is the implementation and the work details...
There appears to be a bit of confusion of physical objects as transducers...
All solid physical objects will "vibrate in sympathy" with an applied stimulus either at the stimulus frequency or a harmonic or subharmonic or a combination thereof.
Most objects also have self resonant modes where if subject to a step input they will vibrate at one or more of the object's natural frequencies (or harmonics, subharmonics or combinations thereof).
If you analyse the actual vibration of an object you will often find a complex waveform which has components of both the stimulus wave form and the natural frequencies of the object.
Thus whilst the SRF of a chip cap may well be in the high kHz or MHz it will still produce a waveform representative of the stimulus, which may well amplitude modulate the SRF or other near resonant frequency.
Further, large value surface mount capacitors have issues to do with series resistance and inductance. Most RF engineers with a few years under their belt have horror stories of capacitors looking like inductors and inductors looking like capacitors even at quite low frequencies (LF/HF) and it is quite normal to use two or three capacitors such as 10uF, 100nF and 100pF in parallel on power supply lines hard up against active components to try to resolve the series inductance/resistance issues and the resonance problems they cause.
But I've said all this before when talking about the bidirectional behaviour of transducers and the well known "microphonics" effect of components that are not properly physically "damped" with wax / hot melt / other absorbers.
So, as I understand it, this is another attack where the power dissipation of the computer is taken as a side channel for computational effort. Power dissipation is now estimated from acoustic emissions from electronics that heats up when used.
The solution would be to level out power use over keys "complexity". Which seems to be the received wisdom.
I do not see why this is controversial?
Most objects also have self resonant modes...
You are talking about the "Natural Resonance Frequency" and resonance. It's sufficient to realize that capacitors and inductors emanate harmonics in the acoustic range that can be analysed. I'd go further than that! It's not just discrete components that exhibit this effect. Tracelines on boards (multilayered boards) also show this phenomenon. Traces and spaces also act as distributed capacitors, inductors, and radiating antennas... Perhaps it's also more effective to analyze the whole spectrum in the attack scenario (and not just the acoustic one).
@Craig: You have to keep in mind that the flip-side of "trust the math" is "DON'T trust the implementation". Mathematically the algorithms are still sound. The implementation, however, inadvertently leaks information. It's a weakness in the physical system that's being exploited here, not a weakness in the mathematics.
All you people who claim it's impossible for computers to emit any audible noise need to go try it... I've got one right here that emits such a loud noise it sounds like an ancient hard drive, and it has no hard drive... it's significantly louder than the fan... holding a straw up to your ear and moving the other end over the components helps you locate where it's all coming from too...
@herman: "Of course Bruce Schneier can read the key just by touching the computer. No equipment needed."
I sense a new T-shirt coming...
For quite a few years, I've been able to notice quite distinctive (and not very subtle) sounds associated with particular computations on notebook PCs. Roughly speaking, these are bursts of noise not altogether unlike white noise, or the modulation in high-speed telephone modems.
I don't notice these much recently, probably a combination of age-related hearing loss and using notebooks whose fans run constantly :/ So I don't remember exactly which actions were associated with the obnoxious sounds, but I recall that I inferred that it was likely related to the graphics processor.
Apart from finding the sounds a bit annoying -- partly because they reminded me of stupid TV programs and movies in which computers make a noise while they are "thinking" -- I didn't give them much thought.
First-class work on the part of these security researchers, and a caution to us all.
To those crying "FUD": it has happened over and over, that a laboratory attack has been refined to develop completely practical field attacks that work under typical conditions.
Good promotion for GnuPG after the update;-)
Discussing mechanical self-resonant frequencies of electronic components is not very helpful to understanding the problem.
Suppose that a capacitor or inductor undergoes a dimensional change -- however tiny! -- in response to changes in voltage or current. If the electrical stimulus is modulated at 1000 Hz, the surface of the component will also move at 1000 Hz, even if its self-resonant frequency is many times greater than that.
The component is acting as an acoustic transducer, just like the cone or diaphragm of an audio loudspeaker. Of course, it's a very inefficient transducer ... but today's CPUs (even those intended for battery-powered operation) commonly sink 20+ amperes of supply current!
So it is to be expected that audio-frequency acoustic signals will be emitted, which are dependent on computation. The acoustic efficiency of the tiny transducers will increase with increasing frequency (because of "piston size," not self-resonant frequency), so with an ordinary microphone the best signals will be found in the highest octave (roughly 10 to 20 kHz).
Everyone remember reflecting lasers off windows? The beam was modulated by acoustics and, incredibly, could return with enough information to discern conversations taking place on the other side. Of course, there are limitations.
What next? I half expect to learn of someone reflecting lasers off windows to pick up keystrokes, whew...
How about a little jammer for your crypto sniffer? How big would an FSA have to be not to look like a decoy?
BTW, how does the smartphone screen out its own noises?
Or, put another way, how quiet does an observer have to be, in order not to over-contaminate the signal?
Easy fix -- run Folding@home or another distributed computing app. With today's multi-core processors, they're not going to be able to tell the difference between the distributed computing and PGP.
This is no different than the old days (and still practiced today) of leaving a radio playing or white noise generator playing to keep eavesdroppers from listening in.
"Everyone remember reflecting lasers off windows? The beam was modulated by acoustics and, incredibly, could return with enough information to discern conversations taking place on the other side. Of course, there are limitations."
Limitations, which include some companies on the web who sell an item which when attached to a window, causes its own vibrations to nullify laser microphone attacks. I've seen them selling on at least one site, which can be found via Google, but I'm not posting the company name/site here for promotion.
I smirked when I saw that. I figured it was either a typo (2014 instead of 2013) or the presentation was a draft scheduled for 2014. I've seen many academic papers dated in the future for the latter reason. Knowing govt, more likely a typo than foresight. ;)
Impressive. Not that it is any real surprise. Some smart and competent people were bound to do this sooner or later. And yes, ceramic capacitors and non-encapsulated coils radiate AC signals pretty strongly. For ceramics, this is simply the Piezo-effect. For coils it is the individual loops acting as electro-magnets.
These effects are one reason why all well-designed switching regulators switch above the human hearing range. The other is smaller components.
Looks like we need to think about power-neutral RSA implementations...
It looks like the warning is because there are images (of a pair of door keypads) on the page linked by http and not https.
Right you are. (Bruce used an image on his blog once! Who knew.)
"With today's multi-core processors, they're not going to be able to tell the difference between the distributed computing and PGP."
According to the linked web page, "Using multiple cores turns out to help the attack"
"Using multiple cores turns out to help the attack"
This attack is really about timing, not the actual sound produced. When a core gets to do nothing but encryption, it doesn't get interrupted by other tasks, and then the timing is more consistent, and therefore easier to measure and read. It makes sense that it would be easier to filter out other unimportant sounds that overlap it, rather than ones that interrupt it and alter the timing, when you only care about the timing in the first place.
"BTW, how does the smartphone screen out its own noises?
Or, put another way, how quiet does an observer have to be, in order not to over-contaminate the signal?"
If you repeat a recording a billion times, noise does not matter. You can mask noise from any source.
This works like the femto-photography experiments - take a "cheap" camera and repeat the recording a lot of times.
I started wondering, what if one played "Fire Water Burn" by the Bloodhound Gang upshifted to ultrasonic frequencies? And very high volume? (While one was being bugged, of course. :)
One could get quite creatively vicious, particularly if one knew the attacker was in the vicinity ... the sound of a supersonic propeller makes people quite ill.
There are countermeasures.
Back in the day when we had a Radio Shack TRS-80 Model III, there were some games that had "sound". The "sound" was produced by placing a small transistor radio near the computer and tuning it to an AM station that picked up the interference from the computer. The programmers wrote the game to produce sound by using different FOR NEXT loops and such.
The real message here is that there are vectors that we haven't thought of. They are just measuring one thing by looking at something else. Consider the annoyance of stray photons in that can flip the state of the transistors in your computer memory. Put a lens in front of it and you have a camera.
I wonder if you could look at the Bluetooth or WiFi signals more carefully and see the same kinds of effects?
kashmarek: I agree.. this sounds too far fetched to be true, and that "something" you should supposedly pay them for may well be a piece of software / hardware which plants a Real backdoor / vulnerability in your computer...
You might want to google "Adi Shamir".
He is one of the most respected cryptographers of all time.
Why use RSA for bulk encryption/decryption? It's much more efficient to use a symmetric (wrapping) key for “user-data” crypto and then RSA just to protect that tiny wrapping key (e.g. S/MIME). Similarly, RSA only needs to protect the small hash of a digital signature. In these systems, there is *no* bulk RSA decryption to listen in on!
They are sending multiple emails and each email does one RSA decryption operation to extract the symmetric key.
Duh, I know that much...
But it is impossible for anyone else to call themselves his name if they aren't him? Or to have the same name without being the same person?
Or for him to be bribed? He is just a human, he can't take an infinite amount of pressure and since he is among the best, he is probably under a lot of pressure from many sources to do what they want him to.
There are certainly measures that the end user could take to mitigate against a covert listener. It appears that this attack would be significantly more difficult if the authors did not know the inner workings of the software implementation. Still, I am wondering if this could be extended to attack hardware where you don't have access to source code but have physical possession of the hardware, i.e. cryptographic key recovery from game consoles, set top boxes, Blu-ray players... A microphone, even a good one, is pretty cheap compared to hardware reverse-engineering. The attacker can make the environment as quiet as they like, and the attack doesn't depend on defeating hardware anti-tamper measures. Maybe even combine passively observable electrical and acoustic signatures to get more information? "Machine Learning for Cryptographic Side Channel Amplification"
The paper doesn’t mention symmetric keys. It describes how multiple carefully-crafted *RSA* cipher texts can trigger zeros in an interior branch of the GnuPG algorithm. The leakage comes about because the CPU repeatedly hitting zero can be detected by a sensitive microphone. Using RSA on (small, random) symmetric keys and/or hashes would not result in such zeros.
How would I safely physically disable a laptop's microphone and camera connections? The speakers?
I'm not interested in software or BIOS settings, I want to disable the hardware permanently.
Not buying it... sounds like someone wants to win viral security post of the day. Sensitive mic or not I won't believe this without a demonstration. Good luck writing the filtering program once you record with that sensitive cellphone mic.
Unless you're in a sound proof room with a simple computer running some barebones OS and someone shouts out "OK THE MACHINE IS ABOUT TO ENCRYPT SOMETHING WHEN I PRESS ENTER" thennn maybe you could get some data you could work with..
oh yeah and everything except the cpu is outside the sound proof room. Good luck.
LOL skeptic101, if you disable general-purpose computing, you can disable the I/O bits you noticed. Also, how did your trial cryptanalysis go since there's a paper describing it just here. You'll probably want to try it with some noise from network connectivity of various sorts, an espresso machine within 200 feet, or such 'saving throws', the recent patch and/or reversion that may occur to it, perhaps an appropriate Hadoop patch for noise sources, etc. wherein you could determine up to a roomful of 4k RSA keys (for whatever size room turns out to be valid.)
Then of course there's the ground potentials attack that's lower bandwidth (thus a different database, probably.) You could follow it up with a test on compliance to see if cleartext machine and user IDs, the key, and whatever else you ended up getting are sufficient to represent a vulnerability on compliance.
Wow, for people who wished they had more orifices this is just like some kind of gift-giving holiday Bruce!
Best solution against audio differential analysis is to put an audio device on top of your server, constantly playing the famous song from "Led Zeppelin" called: Paranoid....
Mathematically, I can see this. Psychologically, it blows my mind. From a cell phone nonetheless! Would love to try this, but lack the acoustical decryption capability and the means to generate a text that would set it off for the phone to read. Will add to the enormous list of projects I'll never end up even remotely completing. Maybe some day :-( Now it makes me wonder about the whole Bad BIOS thing, where the most logical scenario was acoustical transmission. This is neat.
Does this mean gpg should have an option to play maximum volume white noise on the speakers during decryption?
I read with amusement, the numerous comments here expressing skepticism about this attack.
It seems to me that when the first attack was published against WEP, several of the arguments here (as to why the audio attack against gpg isn't a real vulnerability) could have been applied, with due adjustment for the differences in specific technique, to insist that WEP was not vulnerable.
Within a few years, it became easy for almost anyone to break WEP in minutes. Even the supposedly much stronger WPA and WPA2 are quite vulnerable to today's attacks.
By the way, the same Adi Shamir was also a contributor to that first WEP attack.
Along the same lines, I'm sure that many looked at the AES cache timing attack, and said "bah, this can't be done in the real world." Like the audio attack against gpg/RSA, the AES cache timing attack is subtle and difficult, and must cope with a lot of extraneous information (noise).
But where security matters, the AES cache timing vulnerability deserves to be taken very seriously -- and is, by many security professionals.
Skepticism is a useful and valuable trait -- but like stubbornness, it is a powerful tool that harms as readily as it helps. With both skepticism and stubbornness, mature and informed judgment is required, in order to know when to dig in, and when to open up.
To readers who are new to the field of security:
(1) Bruce often reminds his readers, that attacks only get better.
(2) In cryptosystems, leaking even one bit of information can be very dangerous, even though commonsense suggests it's not important. The audio attack described in this post represents a drastic information leakage.