We demonstrate the attacks' feasibility by extracting keys from GnuPG, in a few seconds, using a nonintrusive measurement of electromagnetic emanations from laptop computers. The measurement equipment is cheap and compact, uses readily-available components (a Software Defined Radio USB dongle or a consumer-grade radio receiver), and can operate untethered while concealed, e.g., inside pita bread.
The attacks use a few non-adaptive chosen ciphertexts, crafted so that whenever the decryption routine encounters particular bit patterns in the secret key, intermediate values occur with a special structure that causes observable fluctuations in the electromagnetic field. Through suitable signal processing and cryptanalysis, the bit patterns and eventually the whole secret key are recovered.Category / Keywords: side channel, electromagnetic analysis, RSA, ElGamal Date: received 27 Feb 2015, last revised 3 Mar 2015 Contact author: tromer at cs tau ac il Available format(s): PDF | BibTeX Citation Note: Revised March 3, 2015: minor editorial changes. Version: 20150303:085429 (All versions of this report) Short URL: ia.cr/2015/170 Discussion forum: Show discussion | Start new discussion