W3C home > Mailing lists > Public > public-webid@w3.org > December 2013

RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Wed, 18 Dec 2013 18:24:06 +0100
Message-ID: <CAKaEYhJtEPwcL0K-bipB1w9Yj4_Ee7gvcowQMCG=tzYXbs-pRg@mail.gmail.com>
To: public-webid <public-webid@w3.org>
Here, we describe a new acoustic cryptanalysis key extraction attack,
applicable to GnuPG's current implementation of RSA. The attack can extract
full 4096-bit RSA decryption keys from laptop computers (of various
models), within an hour, using the sound generated by the computer during
the decryption of some chosen ciphertexts. We experimentally demonstrate
that such attacks can be carried out, using either a plain mobile phone
placed next to the computer, or a more sensitive microphone placed 4 meters
away.

http://www.cs.tau.ac.il/~tromer/acoustic/
Received on Wednesday, 18 December 2013 17:24:36 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:05:52 UTC