Access the full text.
Sign up today, get DeepDyve free for 14 days.
Loading next page...
/lp/springer-journals/get-your-hands-off-my-laptop-physical-side-channel-key-extraction-K1T660uU8l
References (35)
-
R. Novak (2002)
SPA-Based Adaptive Chosen-Ciphertext Attack on RSA Implementation -
Karine Gandolfi, C. Mourtel, Francis Olivier (2001)
Electromagnetic Analysis: Concrete Results -
Sung-Ming Yen, Wei-Chih Lien, S. Moon, JaeCheol Ha (2005)
Power Analysis by Exploiting Chosen Message and Internal Collisions - Vulnerability of Checking Mechanism for RSA-Decryption -
Carlos Tokunaga, D. Blaauw (2010)
Securing Encryption Systems With a Switched Capacitor Current EqualizerIEEE Journal of Solid-State Circuits, 45
-
M. Elkins, D. Torto, Raph Levien, Thomas Roessler (2001)
MIME Security with OpenPGPRFC, 3156
-
A. Zajić, Milos Prvulović (2014)
Experimental Demonstration of Electromagnetic Information Leakage From Modern Processor-Memory SystemsIEEE Transactions on Electromagnetic Compatibility, 56
-
P. Kocher, J. Jaffe, Benjamin Jun (1999)
Differential Power Analysis -
R. Phan (2009)
Review of Security Engineering: A Guide to Building Dependable Distributed Systems, 2nd Edition by Ross J. AndersonCryptologia, 33
-
Wei-Ming Hu (1992)
Lattice scheduling and covert channelsProceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy
-
M. Kuhn (2005)
Compromising Emanations -
Shane Clark, H. Mustafa, Benjamin Ransford, Jacob Sorber, Kevin Fu, Wenyuan Xu (2013)
Current Events: Identifying Webpages by Tapping the Electrical Outlet -
Dag Osvik, A. Shamir, Eran Tromer (2006)
Cache Attacks and Countermeasures: The Case of AES -
D. Coppersmith (1997)
Small Solutions to Polynomial Equations, and Low Exponent RSA VulnerabilitiesJournal of Cryptology, 10
-
David Brumley, D. Boneh (2003)
Remote timing attacks are practicalComput. Networks, 48
-
Daniel Genkin, Lev Pachmanov, Itamar Pipman, Eran Tromer (2015)
Stealing Keys from PCs Using a Radio: Cheap Electromagnetic Attacks on Windowed Exponentiation -
S. Mangard, E. Oswald, Thomas Popp (2007)
Power analysis attacks - revealing the secrets of smart cards -
C. Walter, Susan Thompson (2001)
Distinguishing Exponent Digits by Observing Modular Subtractions -
N. Homma, A. Miyamoto, T. Aoki, Akashi Satoh, A. Shamir (2008)
Collision-Based Power Analysis of Modular Exponentiation Using Chosen-Message Pairs -
C Tokunaga, D Blaauw (2010)
Securing encryption systems with a switched capacitor current equalizerSolid-State Circuits IEEE J., 45
-
Pierre-Alain Fouque, F. Valette (2003)
The Doubling Attack - Why Upwards Is Better than Downwards -
D. Agrawal, B. Archambeault, J. Rao, P. Rohatgi (2002)
The EM Side-Channel(s) -
Y. Yarom, K. Falkner (2014)
FLUSH+RELOAD: A High Resolution, Low Noise, L3 Cache Side-Channel AttackIACR Cryptol. ePrint Arch., 2013
-
Daniel Genkin, A. Shamir, Eran Tromer (2014)
RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis -
Jörn-Marc Schmidt, Thomas Plos, Mario Kirschbaum, M. Hutter, M. Medwed, Christoph Herbst (2010)
Side-Channel Leakage across Borders -
J. Callas, Lutz Donnerhacke, Hal Finney, R. Thayer (1998)
OpenPGP Message FormatRFC, 4880
-
T. Messerges, E. Dabbish, R. Sloan (1999)
Power Analysis Attacks of Modular Exponentiation in Smartcards -
Ross Anderson (2001)
Security Engineering: A Guide to Building Dependable Distributed Systems -
B. Brumley, Nicola Tuveri (2011)
Remote Timing Attacks Are Still PracticalIACR Cryptol. ePrint Arch., 2011
-
A Karatsuba, Y Ofman (1962)
Multiplication of many-digital numbers by automatic computersProc. USSR Acad. Sci., 145
-
P. Kocher, J. Jaffe, Benjamin Jun, P. Rohatgi (2011)
Introduction to differential power analysisJournal of Cryptographic Engineering, 1
-
J. Courrège, B. Feix, Mylène Roussellet (2010)
Simple Power Analysis on Exponentiation Revisited -
T. Elgamal (1984)
A public key cryptosystem and a signature scheme based on discrete logarithms -
J. Quisquater, David Samyde (2001)
ElectroMagnetic Analysis (EMA): Measures and Counter-Measures for Smart Cards -
P. Kocher (1996)
Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems -
C. Walter, David Samyde (2005)
Data dependent power use in multipliers17th IEEE Symposium on Computer Arithmetic (ARITH'05)
- Publisher
- Springer Journals
- Copyright
- Copyright © 2015 by Springer-Verlag Berlin Heidelberg
- Subject
- Computer Science; Data Encryption; Circuits and Systems; Computer Communication Networks; Communications Engineering, Networks; Data Structures, Cryptology and Information Theory; Operating Systems
- ISSN
- 2190-8508
- eISSN
- 2190-8516
- DOI
- 10.1007/s13389-015-0100-7
- Publisher site
- See Article on Publisher Site
Abstract
We demonstrate physical side-channel attacks on a popular software implementation of RSA and ElGamal, running on laptop computers. Our attacks use novel side channels, based on the observation that the “ground” electric potential, in many computers, fluctuates in a computation-dependent way. An attacker can measure this signal by touching exposed metal on the computer’s chassis with a plain wire, or even with a bare hand. The signal can also be measured on the ground shield at the remote end of Ethernet, USB and display cables. Through suitable cryptanalysis and signal processing, we have extracted 4096-bit RSA keys and 3072-bit ElGamal keys from laptops, via each of these channels, as well as via power analysis and electromagnetic probing. Despite the GHz-scale clock rate of the laptops and numerous noise sources, the full attacks require a few seconds of measurements using Medium Frequency (MF) signals (around 2 MHz), or one hour using Low Frequency (LF) signals (up to 40 kHz).
Journal
Journal of Cryptographic Engineering – Springer Journals
Published: May 6, 2015