Decode private 'crypto keys' using just a Radio!



garyopa
02-01-2012, 10:03 AM
Smartphone radio-wave crypto grab to be demonstrated at RSA by Cryptography Research


Time to dig around your local junk store or your basement and find an old AM radio, as it just might come in handy in 'decoding' private keys no matter the length or hardware protection system!

Have a 'smartphone'? Well, be very, very worried, as some clever hackers have figured out you can decode your phone's private 'crypto keys' just by placing an old-fashioned AM radio within 10 feet of your 'smartphone'!



"You tune to the right frequency," says Kocher, who described the hacking procedure as involving use of a radio device much like a common AM radio that will be set up within about 10 feet from the smartphone. The radio-based device will pick up electromagnetic waves occurring when the crypto libraries inside the smartphone are used, and computations can reveal the private key. "We're stealing the key as it's being used," he says, adding, "It's independent of key length."


They plan on demonstrating how this 'radio-based' attack works at the next RSA conference in San Francisco, but before doing so are working closely with major smartphone makers to make sure 'this problem can be fixed'.

NEWS SOURCE: Stealing Smartphone Crypto Keys (via) NetworkWorld (http://www.networkworld.com/news/2012/012612-rsa-crypto-keys-255379.html)

Our thanks to 'billysastard' for another great news tip!

JonathanD
02-01-2012, 12:18 PM
So by matching the frequency of the chip that's doing the crypto they can extract the key by listening in on it?

If the chip is doing multi-threaded things wouldn't they need to isolate the thread that's doing the crypto?

Sounds like a safe cracker listening to the tumblers if you ask me.

Captain N1
02-01-2012, 05:59 PM
Nice!! ima fire up my old vacuum tube radios.

JonathanD
02-01-2012, 07:45 PM
Nice!! ima fire up my old vacuum tube radios.

I am really interested in hearing more on the subject.

Things like this fascinate me, how some of these people come up with this stuff lol

I know people used to use parabolic antennas to watch what people did on computer screens, but this seems like it's one step further in the concept.

garyopa
02-01-2012, 09:04 PM
I am really interested in hearing more on the subject.

Things like this fascinate me, how some of these people come up with this stuff lol

Do some reading on 'side channel attacks'; it's basically similar to this.

Run the same code, or a set of different files that need the same key, over and over again, and record the part of the pattern of the noise that is always the same from the radio that is picking up the waves of current cycles in the CPU as it decodes. Because the code is running locked at a certain speed based on the CPU freq. in a tight loop, you can see the hills and valleys and convert them to 1's and 0's, sort of like Morse code, but done at very high speeds.

Ways to stop this are to vary the CPU freq. up and down randomly while it is decoding, to make it jump around the freq. scale, or to encase the device in better shielding, like a thin layer of gold foil around the CPU itself, or better yet the whole device casing.
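
An added illustration, not part of the thread: a toy simulation, on synthetic traces only, of the averaging idea described in the post above and of its random-clock countermeasure. The signal model (level 1 for a 1 bit, 0 for a 0 bit, one clock scale per run), `SLOT`, `NOISE`, the constructed `KEY` and all function names are assumptions made for the example.

```python
import random

SLOT = 8      # samples the receiver takes per key bit at nominal clock (assumed)
NOISE = 2.0   # noise std-dev, twice the signal swing between a 0 and a 1 bit
# Constructed 64-bit "key": not a real secret, just a bit pattern to recover.
KEY = [(b >> (7 - i)) & 1 for b in bytes.fromhex("b2d29a695ca396db") for i in range(8)]

def capture(key, rng, jitter):
    """One noisy trace of a loop that emits level 1 for a 1 bit and 0 for a 0 bit."""
    # Countermeasure model: each run executes at a random clock scale.
    scale = rng.uniform(0.5, 1.5) if jitter else 1.0
    trace = []
    for i in range(len(key) * SLOT):
        j = int(i * scale / SLOT)               # key bit being processed at sample i
        level = key[j] if j < len(key) else 0   # loop finished: device is idle
        trace.append(level + rng.gauss(0, NOISE))
    return trace

def recover(key, runs, jitter, seed=1):
    """Average `runs` traces sample by sample, then threshold each bit slot."""
    rng = random.Random(seed)
    total = [0.0] * (len(key) * SLOT)
    for _ in range(runs):
        for i, v in enumerate(capture(key, rng, jitter)):
            total[i] += v
    guess = []
    for k in range(len(key)):
        mean = sum(total[k * SLOT:(k + 1) * SLOT]) / (SLOT * runs)
        guess.append(1 if mean > 0.5 else 0)
    return guess

def accuracy(key, guess):
    """Fraction of bit positions where the guess equals the key."""
    return sum(a == b for a, b in zip(key, guess)) / len(key)

if __name__ == "__main__":
    for label, runs, jitter in [("1 run, fixed clock", 1, False),
                                ("400 runs, fixed clock", 400, False),
                                ("400 runs, random clock", 400, True)]:
        print(f"{label:24s} bits matched: {accuracy(KEY, recover(KEY, runs, jitter)):.0%}")
```

On a fixed clock, averaging 400 runs recovers every bit while a single run does not; with a random clock scale per run the later bit slots smear together and the averaged pattern stops matching the key.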

osnoozeo
02-02-2012, 06:30 PM
Do some reading on 'side channel attacks'; it's basically similar to this.

Run the same code, or a set of different files that need the same key, over and over again, and record the part of the pattern of the noise that is always the same from the radio that is picking up the waves of current cycles in the CPU as it decodes. Because the code is running locked at a certain speed based on the CPU freq. in a tight loop, you can see the hills and valleys and convert them to 1's and 0's, sort of like Morse code, but done at very high speeds.

Ways to stop this are to vary the CPU freq. up and down randomly while it is decoding, to make it jump around the freq. scale, or to encase the device in better shielding, like a thin layer of gold foil around the CPU itself, or better yet the whole device casing.

Good, maybe this is something we can use, shove it right up Motorola's ass!!! This coming from the idiot who bought their RAZR for 300 bucks, to have a new one with a better battery come out a month later! And on top of that, the bootloader is locked!