• @inspxtr
    4
    11 months ago

    Since this seems to be a 2013 paper, does anyone know whether there has been any update regarding software (except for GPG) or hardware defense against this attack?

    • @[email protected] OP
      1
      11 months ago

      The researchers say in the FAQ that they disclosed it to GnuPG and they have mitigated their implementation against their specific attack, but it leaves the question of whether it is still vulnerable to a more advanced method of audio sidechanneling and whether other encryption implementations, say, OpenSSL, OpenSSH, or Veracrypt, are also vulnerable to similar attacks.

  • @[email protected]
    4
    11 months ago

    This paper is bullshit. Authors claim they are able to extract an RSA 4096 decryption key within an hour using a prepared cyphertext, but this cannot work for PGP. PGP uses an asymmetric cypher (i.e. RSA) only to encrypt a symmetric cypher key (e.g. AES) that is used to encrypt/decrypt the text itself. So RSA does not work for hours, it takes only a few milliseconds to decrypt a key that is 256 bits maximum.

    Even if this method worked, it would be very hardware dependent. They would need to tune their algorithm for each laptop being attacked. So if you don’t give your laptop to an attacker for several weeks, he won’t be able to steal your key.

  • @[email protected] OP
    3
    11 months ago

    I don’t know that much about audio sidechannels so I don’t know how realistic this would be, but my immediate thought is whether this can be extended to extract not just a single key but other data as well. For example, if you had a phone next to a computer that was reading and displaying a text file that contained confidential information, or perhaps reading values from a database, could it be possible to leak the actual data this way?

    I also wonder how many videos and audio recordings made near computers have encryption keys and other sensitive data hidden in them, just waiting to be decoded. Or whether a video recorded by a smartphone can reveal what the phone is doing in the background. A terrifying prospect.

    • Tar_Alcaran
      7
      11 months ago

      It only works on chosen cyphertexts. They don’t specify if that means “any file, but the attacker has to get access to it” or if it means “this very specific file that we made in order to do this attack”.

      The former being much more dangerous than the latter of course.

      • @[email protected] OP
        5
        11 months ago

        According to the FAQ:

        The key extraction attack finds the secret key bits one by one, sequentially. For each bit, the attacker crafts a ciphertext of a special form, that makes the acoustic leakage depend specifically on the value of that bit. The attacker then triggers decryption of that chosen ciphertext, records the resulting sound, and analyzes it.

        Which sounds to me like the latter?

      • qprimed
        1
        11 months ago

        but, you surely will agree, this is pretty devastating for any target. known cleartext may be trivial to insert into a target's workflow, and the confirmed recovery of a private key is potentially a massive payoff.

        the ability to process and extract sensitive information from the local environment has gotten seriously scary.