Acoustic cryptanalysis

Last updated

Acoustic cryptanalysis is a type of side channel attack that exploits sounds emitted by computers or other devices.

Contents

Most of the modern acoustic cryptanalysis focuses on the sounds produced by computer keyboards and internal computer components, but historically it has also been applied to impact printers, and electromechanical deciphering machines.

History

Victor Marchetti and John D. Marks eventually negotiated the declassification of CIA acoustic intercepts of the sounds of cleartext printing from encryption machines. [1] Technically this method of attack dates to the time of FFT hardware being cheap enough to perform the task; in this case the late 1960s to mid-1970s. However, using other more primitive means such acoustical attacks were made in the mid-1950s.

In his book Spycatcher , former MI5 operative Peter Wright discusses use of an acoustic attack against Egyptian Hagelin cipher machines in 1956. The attack was codenamed "ENGULF". [2]

Known attacks

In 2004, Dmitri Asonov and Rakesh Agrawal of the IBM Almaden Research Center announced that computer keyboards and keypads used on telephones and automated teller machines (ATMs) are vulnerable to attacks based on the sounds produced by different keys. Their attack employed a neural network to recognize the key being pressed. By analyzing recorded sounds, they were able to recover the text of data being entered. These techniques allow an attacker using covert listening devices to obtain passwords, passphrases, personal identification numbers (PINs), and other information entered via keyboards. In 2005, a group of UC Berkeley researchers performed a number of practical experiments demonstrating the validity of this kind of threat. [3]

Also in 2004, Adi Shamir and Eran Tromer demonstrated that it may be possible to conduct timing attacks against a CPU performing cryptographic operations by analyzing variations in acoustic emissions. Analyzed emissions were ultrasonic noise emanating from capacitors and inductors on computer motherboards, not electromagnetic emissions or the human-audible humming of a cooling fan. [4] Shamir and Tromer, along with new collaborator Daniel Genkin and others, then went on to successfully implement the attack on a laptop running a version of GnuPG (an RSA implementation), using either a mobile phone located close to the laptop, or a laboratory-grade microphone located up to 4 m away, and published their experimental results in December 2013. [5]

Acoustic emissions occur in coils and capacitors because of small movements when a current surge passes through them. Capacitors in particular change diameter slightly as their many layers experience electrostatic attraction/repulsion or piezoelectric size change. [6] A coil or capacitor which emits acoustic noise will, conversely, also be microphonic, and the high-end audio industry takes steps with coils [7] and capacitors [8] to reduce these microphonics (immissions) because they can muddy a hi-fi amplifier's sound.[ citation needed ]

In March 2015, it was made public that some inkjet printers using ultrasonic heads can be read back using high frequency MEMS microphones to record the unique acoustic signals from each nozzle and using timing reconstruction with known printed data,[ citation needed ] that is, "confidential" in 12-point font.[ clarification needed ] Thermal printers can also be read using similar methods but with less fidelity as the signals from the bursting bubbles are weaker.[ citation needed ] The hack also involved implanting a microphone, chip storage IC and burst transmitter with long-life Li+ battery into doctored cartridges substituted for genuine ones sent by post to the target, typically a bank, then retrieved from the garbage using challenge-response RFID chip.[ citation needed ] A similar work on reconstructing printouts made by dot-matrix printers was publicized in 2011. [9]

A new acoustic cryptanalysis technique discovered by a research team at Israel's Ben-Gurion University Cybersecurity Research Center allows data to be extracted using a computer's speakers and headphones.[ citation needed ] Forbes published a report stating that researchers found a way to see information being displayed, by using microphone, with 96.5% accuracy. [10]

In 2016, Genkin, Shamir, and Tromer published another paper that described a key extraction attack that relied on the acoustic emissions from laptop devices during the decryption process. They demonstrated the success of their attack with both a simple mobile phone and a more sensitive microphone. [11]

Countermeasures

This kind of cryptanalysis can be defeated by generating sounds that are in the same spectrum and same form as keypresses. If sounds of actual keypresses are randomly replayed, it may be possible to totally defeat such kinds of attacks. It is advisable to use at least 5 different recorded variations (36 x 5 = 180 variations) for each keypress to get around the issue of FFT fingerprinting. [12] Alternatively, white noise of a sufficient volume (which may be simpler to generate for playback) will also mask the acoustic emanations of individual keypresses.

See also

Related Research Articles

<span class="mw-page-title-main">Advanced Encryption Standard</span> Standard for the encryption of electronic data

The Advanced Encryption Standard (AES), also known by its original name Rijndael, is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST) in 2001.

Keystroke logging, often referred to as keylogging or keyboard capturing, is the action of recording (logging) the keys struck on a keyboard, typically covertly, so that a person using the keyboard is unaware that their actions are being monitored. Data can then be retrieved by the person operating the logging program. A keystroke recorder or keylogger can be either software or hardware.

<span class="mw-page-title-main">Microphone</span> Device that converts sound into an electrical signal

A microphone, colloquially called a mic, or mike, is a transducer that converts sound into an electrical signal. Microphones are used in many applications such as telephones, hearing aids, public address systems for concert halls and public events, motion picture production, live and recorded audio engineering, sound recording, two-way radios, megaphones, and radio and television broadcasting. They are also used in computers and other electronic devices, such as mobile phones, for recording sounds, speech recognition, VoIP, and other purposes, such as ultrasonic sensors or knock sensors.

<span class="mw-page-title-main">Tempest (codename)</span> Espionage using electromagnetic leakage

TEMPEST is a U.S. National Security Agency specification and a NATO certification referring to spying on information systems through leaking emanations, including unintentional radio or electrical signals, sounds, and vibrations. TEMPEST covers both methods to spy upon others and how to shield equipment against such spying. The protection efforts are also known as emission security (EMSEC), which is a subset of communications security (COMSEC). The reception methods fall under the umbrella of radiofrequency MASINT.

<span class="mw-page-title-main">Daniel J. Bernstein</span> American mathematician, cryptologist and computer scientist (born 1971)

Daniel Julius Bernstein is an American mathematician, cryptologist, and computer scientist. He was a visiting professor at CASA at Ruhr University Bochum until 2024, as well as a research professor of Computer Science at the University of Illinois at Chicago. Before this, he was a visiting professor in the department of mathematics and computer science at the Eindhoven University of Technology.

<span class="mw-page-title-main">David A. Wagner</span> American computer scientist (born 1974)

David A. Wagner is a professor of computer science at the University of California, Berkeley and a well-known researcher in cryptography and computer security. He is a member of the Election Assistance Commission's Technical Guidelines Development Committee, tasked with assisting the EAC in drafting the Voluntary Voting System Guidelines. He was also a member of the ACCURATE project.

In cryptography, Skipjack is a block cipher—an algorithm for encryption—developed by the U.S. National Security Agency (NSA). Initially classified, it was originally intended for use in the controversial Clipper chip. Subsequently, the algorithm was declassified.

Van Eck phreaking, also known as Van Eck radiation, is a form of network eavesdropping in which special equipment is used for a side-channel attack on the electromagnetic emissions of electronic devices. While electromagnetic emissions are present in keyboards, printers, and other electronic devices, the most notable use of Van Eck phreaking is in reproducing the contents of a cathode-ray tube (CRT) display at a distance.

In cryptography, the eXtended Sparse Linearization (XSL) attack is a method of cryptanalysis for block ciphers. The attack was first published in 2002 by researchers Nicolas Courtois and Josef Pieprzyk. It has caused some controversy as it was claimed to have the potential to break the Advanced Encryption Standard (AES) cipher, also known as Rijndael, faster than an exhaustive search. Since AES is already widely used in commerce and government for the transmission of secret information, finding a technique that can shorten the amount of time it takes to retrieve the secret message without having the key could have wide implications.

In computer security, a side-channel attack is any attack based on extra information that can be gathered because of the fundamental way a computer protocol or algorithm is implemented, rather than flaws in the design of the protocol or algorithm itself or minor, but potentially devastating, mistakes or oversights in the implementation. Timing information, power consumption, electromagnetic leaks, and sound are examples of extra information which could be exploited to facilitate side-channel attacks.

<span class="mw-page-title-main">Microphonics</span>

Microphonics, microphony, or microphonism describes the phenomenon wherein certain components in electronic devices transform mechanical vibrations into an undesired electrical signal (noise). The term comes from analogy with a microphone, which is intentionally designed to convert vibrations to electrical signals.

In cryptography and number theory, TWIRL is a hypothetical hardware device designed to speed up the sieving step of the general number field sieve integer factorization algorithm. During the sieving step, the algorithm searches for numbers with a certain mathematical relationship. In distributed factoring projects, this is the step that is parallelized to a large number of processors.

<span class="mw-page-title-main">Baudline</span> Signal analyser

The baudline time-frequency browser is a signal analysis tool designed for scientific visualization. It runs on several Unix-like operating systems under the X Window System. Baudline is useful for real-time spectral monitoring, collected signals analysis, generating test signals, making distortion measurements, and playing back audio files.

<span class="mw-page-title-main">Ultrasonic transducer</span> Acoustic sensor

Ultrasonic transducers and ultrasonic sensors are devices that generate or sense ultrasound energy. They can be divided into three broad categories: transmitters, receivers and transceivers. Transmitters convert electrical signals into ultrasound, receivers convert ultrasound into electrical signals, and transceivers can both transmit and receive ultrasound.

Non-interactive zero-knowledge proofs are cryptographic primitives, where information between a prover and a verifier can be authenticated by the prover, without revealing any of the specific information beyond the validity of the statement itself. This makes direct communication between the prover and verifier unnecessary, effectively removing any intermediaries.

<span class="mw-page-title-main">Input device</span> Device that provides data and signals to a computer

In computing, an input device is a piece of equipment used to provide data and control signals to an information processing system, such as a computer or information appliance. Examples of input devices include keyboards, computer mice, scanners, cameras, joysticks, and microphones.

Computer security compromised by hardware failure is a branch of computer security applied to hardware. The objective of computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to remain accessible and productive to its intended users. Such secret information could be retrieved by different ways. This article focus on the retrieval of data thanks to misused hardware or hardware failure. Hardware could be misused or exploited to get secret data. This article collects main types of attack that can lead to data theft.

In cryptography, electromagnetic attacks are side-channel attacks performed by measuring the electromagnetic radiation emitted from a device and performing signal analysis on it. These attacks are a more specific type of what is sometimes referred to as Van Eck phreaking, with the intention to capture encryption keys. Electromagnetic attacks are typically non-invasive and passive, meaning that these attacks are able to be performed by observing the normal functioning of the target device without causing physical damage. However, an attacker may get a better signal with less noise by depackaging the chip and collecting the signal closer to the source. These attacks are successful against cryptographic implementations that perform different operations based on the data currently being processed, such as the square-and-multiply implementation of RSA. Different operations emit different amounts of radiation and an electromagnetic trace of encryption may show the exact operations being performed, allowing an attacker to retrieve full or partial private keys.

Keystroke inference attacks are a class of privacy-invasive technique that allows attackers to infer what a user is typing on a keyboard.

Eran Tromer is a professor of computer science at Boston University. His research focuses on information security, cryptography and algorithms. He is a founding scientist of Zcash.

References

  1. Marchetti, Victor; Marks, John (1974). The CIA and the Cult of Intelligence . Knopf. ISBN   0394482395.
  2. Wright, Peter (1987), Spycatcher: The candid autobiography of a senior intelligence officer, Viking
  3. Yang, Sarah (14 September 2005). "Researchers recover typed text using audio recording of keystrokes". UC Berkeley News.
  4. Shamir, Adi; Tromer, Eran. "Acoustic cryptanalysis: On nosy people and noisy machines". tau.ac.il.
  5. Genkin, Daniel; Shamir, Adi; Tromer, Eran. "RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis". tau.ac.il.
  6. "Capacitors for Reduced Micro phonics and Sound Emission" (PDF). CARTS 2007 Symposium Proceedings, Albuquerque. Electronic Components, Assemblies & Materials Association (ECA). March 2007. Archived from the original (PDF) on 2019-11-16. Retrieved 2014-01-24.
  7. "FoilQ, .50mH 16ga". Meniscusaudio.com. Archived from the original on 2014-02-20. Retrieved 2014-01-24.
  8. "50uF 250volt Metallized Polyester Mylar Film Capacitor-ERSE". Erseaudio.com. Retrieved 2014-01-24.
  9. Michael Backes; Markus Dürmuth; Sebastian Gerling; Manfred Pinkal; Caroline Sporleder (January 9, 2011). "Acoustic Side-Channel Attacks on Printers" (PDF). eecs.umich.edu. Retrieved March 10, 2015.
  10. Mathews, Lee (2018-08-31). "Now Hackers Can Spy On You By Listening To Your Screen". Forbes. Retrieved 2019-03-13.
  11. Genkin, Daniel; Shamir, Adi; Tromer, Eran (2016-02-08). "Acoustic Cryptanalysis". Journal of Cryptology. 30 (2): 392–443. doi:10.1007/s00145-015-9224-2. ISSN   0933-2790. S2CID   31377774.
  12. Asonov, Dmitri; Agrawal, Rakesh (2004), "Keyboard Acoustic Emanations" (PDF), IBM Almaden Research Center, archived from the original (PDF) on 2012-02-27, retrieved 2007-05-08
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.