Paper 2014/626

Get Your Hands Off My Laptop: Physical Side-Channel Key-Extraction Attacks on PCs

Daniel Genkin, Itamar Pipman, and Eran Tromer

Abstract

We demonstrate physical side-channel attacks on a popular software implementation of RSA and ElGamal, running on laptop computers. Our attacks use novel side channels, based on the observation that the "ground" electric potential, in many computers, fluctuates in a computation-dependent way. An attacker can measure this signal by touching exposed metal on the computer's chassis with a plain wire, or even with a bare hand. The signal can also be measured at the remote end of Ethernet, VGA or USB cables. Through suitable cryptanalysis and signal processing, we have extracted 4096-bit RSA keys and 3072-bit ElGamal keys from laptops, via each of these channels, as well as via power analysis and electromagnetic probing. Despite the GHz-scale clock rate of the laptops and numerous noise sources, the full attacks require a few seconds of measurements using Medium Frequency signals (around 2 MHz), or one hour using Low Frequency signals (up to 40 kHz).

Note: Extended version

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published by the IACR in CHES 2014
Keywords
side channel attackpower analysisRSA key extraction
Contact author(s)
tromer @ cs tau ac il
History
2014-08-20: revised
2014-08-20: received
See all versions
Short URL
https://ia.cr/2014/626
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2014/626,
      author = {Daniel Genkin and Itamar Pipman and Eran Tromer},
      title = {Get Your Hands Off My Laptop: Physical Side-Channel Key-Extraction Attacks on PCs},
      howpublished = {Cryptology ePrint Archive, Paper 2014/626},
      year = {2014},
      note = {\url{https://eprint.iacr.org/2014/626}},
      url = {https://eprint.iacr.org/2014/626}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.