Paper 2015/170

Stealing Keys from PCs using a Radio: Cheap Electromagnetic Attacks on Windowed Exponentiation

Daniel Genkin, Lev Pachmanov, Itamar Pipman, and Eran Tromer

Abstract

We present new side-channel attacks on RSA and ElGamal implementations that use the popular sliding-window or fixed-window (m-ary) modular exponentiation algorithms. The attacks can extract decryption keys using a very low measurement bandwidth (a frequency band of less than 100 kHz around a carrier under 2 MHz) even when attacking multi-GHz CPUs. We demonstrate the attacks' feasibility by extracting keys from GnuPG, in a few seconds, using a nonintrusive measurement of electromagnetic emanations from laptop computers. The measurement equipment is cheap and compact, uses readily-available components (a Software Defined Radio USB dongle or a consumer-grade radio receiver), and can operate untethered while concealed, e.g., inside pita bread. The attacks use a few non-adaptive chosen ciphertexts, crafted so that whenever the decryption routine encounters particular bit patterns in the secret key, intermediate values occur with a special structure that causes observable fluctuations in the electromagnetic field. Through suitable signal processing and cryptanalysis, the bit patterns and eventually the whole secret key are recovered.

Note: Revised March 3, 2015: minor editorial changes.

Metadata
Available format(s)
PDF
Publication info
Preprint. MINOR revision.
Keywords
side channelelectromagnetic analysisRSAElGamal
Contact author(s)
tromer @ cs tau ac il
History
2015-03-03: last of 2 revisions
2015-02-27: received
See all versions
Short URL
https://ia.cr/2015/170
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/170,
      author = {Daniel Genkin and Lev Pachmanov and Itamar Pipman and Eran Tromer},
      title = {Stealing Keys from {PCs} using a Radio: Cheap Electromagnetic Attacks on Windowed Exponentiation},
      howpublished = {Cryptology {ePrint} Archive, Paper 2015/170},
      year = {2015},
      url = {https://eprint.iacr.org/2015/170}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.