Sign In

Communications of the ACM

ACM TechNews

How Encryption Keys Could Be Stolen By Your Lunch


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
The PITA device, lying on pita bread.

Tel Aviv University researchers have developed a device that can be concealed within pita bread and which can deduce computer encryption keys.

Credit: Laboratory for Experimental Information Security

Israeli researchers from Tel Aviv University have developed a device that can be concealed within pita bread and has the ability to deduce encryption keys by sniffing the electromagnetic leakage from a computer.

The device is an example of a side-channel attack, which relies on the tiny bits of information that leak from computers as they perform computations.

The device, dubbed PITA (Portable Instrument for Trace Acquisition) by the researchers, was designed to target a laptop encrypted using the GnuPG 1.x encryption tool. The device consists of a copper unshielded loop antenna and a capacitor designed to pick up the frequencies at which encryption key information leaks.

PITA sends out multiple ciphertexts to the targeted computer and then monitors the computer's electromagnetic emissions as it decrypts the ciphertexts. The signals are collected on an internal microSD card for offline analysis, which can deduce the key from the data in a matter of seconds.

Such side-channel attacks can be very difficult to defend against and hardware solutions are unlikely to appear due to their cost. A more likely method of defending against them would be modifying software so the information leaked when it runs will be of no use to an attacker.

From IDG News Service
View Full Article

 

Abstracts Copyright © 2015 Information Inc., Bethesda, Maryland, USA


 

No entries found