Cryptography: Unsafe and sound; Ciphers can now be broken by listening to the computers that use them

Cryptography: Unsafe and sound; Ciphers can now be broken by listening to the computers that use them

Jan 18th 2014 | From the print edition

EAVESDROPPING, be it simply sticking an ear against a door or listening to and analysing the noises made by tapping different keys on a keyboard, is a stock-in-trade of spying. Listening to a computer itself, though, as it hums away doing its calculations, is a new idea. But it is one whose time has come, according to Adi Shamir, of the Weizmann Institute, in Israel, and his colleagues. And Dr Shamir should know. He donated the initial letter of his surname to the acronym “RSA”, one of the most commonly used forms of encryption. Acoustic cryptanalysis, as the new method is known, threatens RSA’s security.Acoustic cryptanalysis works by listening to a computer’s sonic signature—the noise its capacitors and coils make as they vibrate in response to the amount of power being drawn by its processor. Dr Shamir and his collaborator Eran Tromer, of Tel Aviv University, showed in 2004 that processing different RSA keys (the huge numbers needed to unlock the hidden message) produces different sonic signatures. At the time, they were unable to extract from these signatures the individual binary digits (bits) of a key, but in collaboration with Daniel Genkin of the Technion-Israel Institute of Technology they have overcome this obstacle, by tricking machines into decrypting known pieces of text.

Applying their method to GnuPG, a popular version of RSA, they thus extracted full 4,096-bit keys from a range of laptops in less than an hour. This would let anyone with malign intent read encrypted messages sent to those computers.

Tricking the machines proved surprisingly easy. Encrypted incoming e-mails are often decrypted as they arrive, so all the three researchers had to do was send the laptops encrypted e-mails carefully crafted so the acoustic leakage produced by decrypting them was specifically related to the value of particular bits in the key. A series of such texts, each building on knowledge gleaned from the previous attack, gradually builds up the whole number.

The victim of such an attack will probably not realise something is wrong until he looks at the decrypted text and realises it is gobbledygook. And, given the volume of e-mails many people receive, there is a good chance that, if the attacking e-mails are made to look like spam, or are backdated so that they drop to the bottom of the recipient’s in-box, the attack may go unnoticed altogether.

All this is no good, of course, if the sender of the attacking e-mails cannot then listen to the computer’s hum. That can be done in several ways: with a good old-fashioned bugging microphone, for example; or with a parabolic mike some distance away; or by hijacking the target computer’s own microphone, perhaps on the pretext of a chat on Skype or a similar service.

If the attacker can get close to the computer himself, though (perhaps by organising a business meeting with the subject of the attack), an even cleverer approach is possible. A suitably programmed smartphone, placed close enough to the target, can both send the e-mails and do the analysis—a method tested, in a laboratory at least, by the researchers themselves.

GnuPG has now created a patch designed to protect against this particular type of attack, using a technique called “blinding”, which muddies the acoustic signature. But that merely starts an arms race between the blinders and the spies. And, as if all this were not enough, Dr Shamir, Dr Tromer and Mr Genkin have now shown that if a spy can somehow touch the target computer when it is decrypting an e-mail then he (or, rather, the electronic box of tricks he is wearing) can extract the key by measuring changes in the electric potential of the computer’s chassis relative to the ground potential of the room.

This will not be the first time a spy has gone to earth, for sure. But perhaps it is the first when he is able to keep spying as he does so.

About bambooinnovator
Kee Koon Boon (“KB”) is the co-founder and director of HERO Investment Management which provides specialized fund management and investment advisory services to the ARCHEA Asia HERO Innovators Fund (, the only Asian SMID-cap tech-focused fund in the industry. KB is an internationally featured investor rooted in the principles of value investing for over a decade as a fund manager and analyst in the Asian capital markets who started his career at a boutique hedge fund in Singapore where he was with the firm since 2002 and was also part of the core investment committee in significantly outperforming the index in the 10-year-plus-old flagship Asian fund. He was also the portfolio manager for Asia-Pacific equities at Korea’s largest mutual fund company. Prior to setting up the H.E.R.O. Innovators Fund, KB was the Chief Investment Officer & CEO of a Singapore Registered Fund Management Company (RFMC) where he is responsible for listed Asian equity investments. KB had taught accounting at the Singapore Management University (SMU) as a faculty member and also pioneered the 15-week course on Accounting Fraud in Asia as an official module at SMU. KB remains grateful and honored to be invited by Singapore’s financial regulator Monetary Authority of Singapore (MAS) to present to their top management team about implementing a world’s first fact-based forward-looking fraud detection framework to bring about benefits for the capital markets in Singapore and for the public and investment community. KB also served the community in sharing his insights in writing articles about value investing and corporate governance in the media that include Business Times, Straits Times, Jakarta Post, Manual of Ideas, Investopedia, TedXWallStreet. He had also presented in top investment, banking and finance conferences in America, Italy, Sydney, Cape Town, HK, China. He has trained CEOs, entrepreneurs, CFOs, management executives in business strategy & business model innovation in Singapore, HK and China.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: