Researchers crack the world’s toughest encryption by listening to the tiny sounds made by your computer’s CPU

Security researchers have successfully broken one of the most secure encryption algorithms, 4096-bit RSA, by listening – yes, with a microphone — to a computer as it decrypts some encrypted data. The attack is fairly simple and can be carried out with rudimentary hardware. The repercussions for the average computer user are minimal, but if you’re a secret agent, power user, or some other kind of encryption-using miscreant, you may want to reach for the Rammstein when decrypting your data.

This acoustic cryptanalysis, carried out by Daniel Genkin, Adi Shamir (who co-invented RSA), and Eran Tromer, uses what’s known as a side channel attack. A side channel is an attack vector that is non-direct and unconventional, and thus hasn’t been properly secured. For example, your pass code prevents me from directly attacking your phone — but if I could work out your pass code by looking at the greasy smudges on your screen, that would be a side channel attack. In this case, the security researchers listen to the high-pitched (10 to 150 kHz) sounds produced by your computer as it decrypts data.

This might sound crazy, but with the right hardware it’s actually not that hard. For a start, if you know exactly what frequency to listen out for, you can use low- and high-pass filters to ensure that you only have the sounds that emanate from your PC while the CPU decrypts data. (In case you were wondering, the acoustic signal is actually generated by the CPU’s voltage regulator, as it tries to maintain a constant voltage during wildly varied and bursty loads). Then, once you have the signal, it’s time for the hard bit: Actually making sense of it.

Read more: http://www.extremetech.com/extreme/173108-researchers-crack-...

Easy fix...

Within the encryption/decryption software, perform thousands of random calculations unrelated to the encryption/decryption process and parallelize the program with dynamic job scheduling so that no two (multi-core) CPUs will handle the job exactly the same (and likely no one processor will handle it the same job to job if properly designed).

"She was an enchanting study" - A Tramp Abroad, Mark Twain, 1880

"A Tramp Abroad, by Mark Twain. Published 1880.

She was an enchanting study. Her gown was of a soft white silky stuff that clung to her round young figure like a fish's skin, and it was rippled over with the gracefulest little fringy films of lace; she had deep, tender eyes, with long, curved lashes; and she had peachy cheeks, and a dimpled chin, and such a dear little rosebud of a mouth; and she was so dove-like, so pure, and so gracious, so sweet and so bewitching. For long hours I did mightily wish she would speak. And at last she did; the red lips parted, and out leaps her thought—and with such a guileless and pretty enthusiasm, too:

    "Auntie, I just know I've got five hundred fleas on me!"

That was probably over the average. Yes, it must have been very much over the average. The average at that time in the Grand Duchy of Baden was forty-five to a young person (when alone), according to the official estimate of the home secretary for that year; the average for older people was shifty and indeterminable, for whenever a wholesome young girl came into the presence of her elders she immediately lowered their average and raised her own. She became a sort of contribution-box.

This dear young thing in the theater had been sitting there unconsciously taking up a collection. Many a skinny old being in our neighborhood was the happier and the restfuler for her coming. In that large audience, that night, there were eight very conspicuous people. These were ladies who had their hats or bonnets on. What a blessed thing it would be if a lady could make herself conspicuous in our theaters by wearing her hat....

Disclaimer: Mark Twain (1835-1910-To be continued) is unlicensed. His river pilot's license went delinquent in 1862. Caution advised. Daily Paul

what happens if i fart while decrypting?

will this compromise the cpu sound if someone is listening in? or can it be done through vibration signals coming from the cpu?

anyone can recommend a good book about encryption that easily explains this technology? algorithms and all this fun stuff? my brain seems up for the challenge...

Sounds useless to me, unless I'm misunderstanding what they are


If the only way to "decrypt" is to listen while actual decryption is taking place on a unique physical machine, you still need physical access to that machine, AND you need to be listening in while it is decrypting data.

Essentially, you need the user who wants to keep their stuff a secret, issue their password and initiate decryption, so you can listen in and decode the voltage fluctuations into data.

Why not just have him enter his password and then READ his data like a normal human?

Now, if what these guys are doing can be combined with voltage fluctuation detectors and recorders built into SMART meters, now we have a different issue altogether, for then, they don't need physical proximity (they have physical access through the meter) and they only need to listen in, and then when the user goes about their business, they can see what the user is doing.

Proof of concept has already been demonstrated that SMART meters could collect data that could determine what images are on your TV simply by the voltage fluctuations. I'm guessing this leap isn't far off.


This is not new but very interesting.

All rights reserved and no rights waived.

This is probably not a big deal

What they are exploiting is that in naive implementations of RSA the amount of computer power needed during en/decryption varies with each binary digit in the key. If the digit is zero then no computation is done and if it is one then a tight loop is executed.

There have been other side channel attacks that exploit this weakness in naive implementations. The obvious fix is to slightly change the algorithm so the same computation is done whether the digit is a zero or a one. This reduces the efficiency by a factor of two but it makes these side channel attacks much more difficult.

In fact, the authors contacted GPG before publicly releasing this exploit and the fix is in place [tau.ac.il]:

Q9: How vulnerable is GnuPG now?

We have disclosed our attack to GnuPG developers under CVE-2013-4576, suggested suitable countermeasures, and worked with the developers to test them. New versions of GnuPG 1.x and of libgcrypt (which underlies GnuPG 2.x), containing these countermeasures and resisting our current key-extraction attack, were released concurrently with the first public posting of these results. Some of the effects we found (including RSA key distinguishability) remain present.


Q13: What countermeasures are available?

One obvious countermeasure is to use sound dampening equipment, [...]

Alternatively, one can employ algorithmic techniques to reduce the usefulness of the emanations to attacker. These techniques ensure the rough-scale behavior of the algorithm is independent of the inputs it receives; they usually carry some performance penalty, but are often already used to thwart other side-channel attacks. This is what we helped implement in GnuPG (see Q9).
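The difference between the naive loop and the "same computation for a zero or a one" fix described in the comment above, as an added example that is not part of the original thread and is not GnuPG's code. The function names and the toy key (modulus 3233, private exponent 2753) are constructed for illustration; the trace models only the sequence of operations, not real timing or sound.

```python
# Added illustration: toy modular exponentiation that records which
# operations run. Python big integers are not constant-time, so this only
# shows whether the *sequence of operations* depends on the key bits.

def modexp_naive(base, exponent, modulus):
    """Left-to-right square-and-multiply: multiplies only on 1 bits."""
    result, trace = 1, []
    for bit in bin(exponent)[2:]:
        result = (result * result) % modulus
        trace.append("S")
        if bit == "1":                      # key-dependent branch
            result = (result * base) % modulus
            trace.append("M")
    return result, "".join(trace)


def modexp_always(base, exponent, modulus):
    """Square-and-multiply-always: one square and one multiply per bit."""
    result, trace = 1, []
    for bit in bin(exponent)[2:]:
        squared = (result * result) % modulus
        multiplied = (squared * base) % modulus
        trace.append("SM")
        # Select the wanted value arithmetically instead of branching.
        b = int(bit)
        result = b * multiplied + (1 - b) * squared
    return result, "".join(trace)


def bits_visible_in_trace(trace):
    """Bit string implied by a trace if squares and multiplies are distinguishable."""
    return trace.replace("SM", "1").replace("S", "0")


if __name__ == "__main__":
    n, d, c = 3233, 2753, 2790              # constructed toy values
    for fn in (modexp_naive, modexp_always):
        plain, trace = fn(c, d, n)
        print(fn.__name__, plain, trace, bits_visible_in_trace(trace))
    print("real key bits:", bin(d)[2:])
```

With the naive loop the trace spells out the exponent bit for bit; with the always-multiply loop every key of the same length produces the same trace, at roughly the factor-of-two cost the comment mentions.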

Solution? Get a Mac.

As far as I know a mac still

As far as I know a mac still has a CPU and a voltage regulator

But I hope your comment was made with some sarcasm

Interestingly enough, I

Interestingly enough, I haven't had a single virus on my computer since Apple transitioned to OSX...more than 11 years?

Something like 85% of the

Something like 85% of the market is stuff that runs windows. Macs can still get viruses but there just aren't many around.
With that said, I run windows and I average maybe a virus in 3-4 years. Usually they take me all of 20min to take care of.

To climb the mountain, you must believe you can.

that you know of velveeta,

that you know of velveeta, and not just limited to macs

I'm just saying, you can't be too sure of these things, stands to reason that one of the main goals of some viruses is to remain undetectable, so, you never know

always better to assume it's possible, that way, vigilance in attempts to detect exploits doesn't become lapse, helps when the "victim" doesn't victimize those persons whose good will told him/her to inform the "victim" of the exploit, instead of using it for nefarious reasons, but i digress

it doesn't sound crazy to me...

i've said it before and i'll say it again. nothing, digital, is secure.
and honestly i don't think anything can ever be truly secure, it can, however, be relatively secure.

I use Blue Wave, but don't expect one of THEIR silly taglines.