Researchers say a plain consumer radio receiver also works

Jun 23, 2015 17:11 GMT  ·  By

Researchers at Tel Aviv University, in collaboration with Israel’s Technion institute, have built a palm-sized radio device that captures decryption keys from laptops sitting about half a meter (19 in) away.

The new side-channel attack is untethered (it needs no physical contact with the target) and works against the RSA and ElGamal implementations in the GnuPG open source encryption software; it picks up electromagnetic emanations from the CPU of the targeted laptop.

Device can be hidden in a pita bread

The radio device costs an estimated $300 / €270 and can be built from readily available components: a Rikomagic controller, a piece of wire acting as an antenna, and a FUNcube software-defined radio (SDR).

A more complete variant would add a data storage card, batteries and a WiFi antenna so that the captured data can be sent wirelessly to the attacker’s machine.

The researchers also show that the attack works with a component commonly found in a household: a plain consumer-grade radio receiver.

The gadget created by the researchers was dubbed PITA (short for Portable Instrument for Trace Acquisition), in reference to the fact that the device can be concealed inside a pita bread.

In the experiment, decryption keys were extracted within seconds using a non-adaptive chosen-ciphertext attack, one in which the ciphertexts are fixed in advance rather than chosen in response to earlier measurements.

Electromagnetic field reveals bit patterns

In a highly technical research paper (provided by Andy Greenberg on Scribd), the researchers explain that their method relies on non-adaptive ciphertexts that were “crafted so that whenever the decryption routine encounters particular bit patterns in the secret key, intermediate values occur with a special structure that causes observable fluctuations in the electromagnetic field.”

Further signal processing and cryptographic interpretation then turn the observed fluctuations into those bit patterns and, from them, the secret key. The measurement needs very little bandwidth: under 100 kHz around a carrier below 2 MHz.
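To make the mechanism concrete, here is a toy Python model of such a non-adaptive chosen ciphertext. It is an added example, not the researchers’ code and not GnuPG’s actual exponentiation (GnuPG uses sliding windows and its own reduction routines); it uses plain left-to-right square-and-multiply on the p-half of an RSA-CRT decryption. Two things are assumptions made for the example: the leakage model (an operand made mostly of zero 32-bit limbs is taken to produce a measurably different signal from a full-width operand, and one sample is recorded per loop iteration plus one for the value handed to the next decryption stage), and the choice of crafted ciphertext, c = n − 1, which is congruent to −1 modulo each prime; the article does not state which ciphertexts the researchers used. The key size is also a toy one.

```python
"""Toy model: a non-adaptive chosen ciphertext turns key-dependent
square-and-multiply operations into intermediate values with a special
structure (constructed example, not GnuPG and not the paper's code)."""

LIMB_BITS = 32
LIMB_MASK = (1 << LIMB_BITS) - 1

# Toy RSA key built from two known Mersenne primes (far too small for real use).
P = (1 << 127) - 1          # M127, prime
Q = (1 << 89) - 1           # M89, prime
N = P * Q
E = 65537
D_P = pow(E, -1, P - 1)     # CRT exponent for the p-half of decryption


def zero_limb_fraction(x, nlimbs):
    """Modelled leak: fraction of the nlimbs 32-bit limbs of x that are zero.
    (Assumption: this is what the side channel lets the attacker distinguish.)"""
    zeros = sum(1 for i in range(nlimbs)
                if (x >> (LIMB_BITS * i)) & LIMB_MASK == 0)
    return zeros / nlimbs


def modexp_leaky(base, exp, mod):
    """Left-to-right square-and-multiply that records a leak sample of the
    accumulator as it enters each iteration, plus one final sample for the
    value passed on to the next decryption stage (modelling assumption).
    Returns (result, trace)."""
    nlimbs = (mod.bit_length() + LIMB_BITS - 1) // LIMB_BITS
    acc = 1
    trace = []
    for bit in bin(exp)[2:]:                 # MSB first, leading 1 included
        trace.append(zero_limb_fraction(acc, nlimbs))
        acc = (acc * acc) % mod              # squaring: every iteration
        if bit == '1':
            acc = (acc * base) % mod         # multiplication: key-dependent
    trace.append(zero_limb_fraction(acc, nlimbs))
    return acc, trace


def crt_half_decrypt(c, d_p=D_P, p=P):
    """The p-half of an RSA-CRT decryption: reduce c mod p, then exponentiate."""
    return modexp_leaky(c % p, d_p, p)


def recover_exponent(trace, threshold=0.5):
    """Attacker side. With base = -1 (mod p) the accumulator is always 1 or
    p-1: a squaring of either gives 1 (mostly zero limbs); a multiplication
    then gives p-1 (full width). So each sample after the first tells whether
    the preceding iteration multiplied, i.e. reveals that exponent bit."""
    bits = ''.join('1' if leak < threshold else '0' for leak in trace[1:])
    return int(bits, 2)


def run_attack(c):
    """Decrypt c (recording the modelled trace) and try to recover D_P from
    the trace alone. Returns (recovered_exponent, success)."""
    _, trace = crt_half_decrypt(c)
    guess = recover_exponent(trace)
    return guess, guess == D_P


if __name__ == '__main__':
    crafted = N - 1                     # -1 mod p and -1 mod q
    print('crafted ciphertext  :', run_attack(crafted)[1])
    print('ordinary ciphertext :', run_attack(123456789)[1])
```

With the crafted ciphertext the trace alternates between two clearly separated levels and every bit of the CRT exponent is read off directly; with an ordinary ciphertext the intermediate values look random, have no zero limbs, and the same decoder recovers garbage. That contrast is the whole point of the ciphertext choice: the attacker is not measuring the key, but structure that the key forces onto intermediate values.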

The attack succeeded against a Lenovo 3000 N200 running what was, at the time of the research, the latest version of GnuPG. A GnuPG update released at the beginning of the year counters this form of attack, but RSA and ElGamal are implemented in other software that may still be vulnerable.

PITA intercepting CPU emissions from a 19in distance