At the RSA computer security fair last week, Gary Kenworthy of Cryptography Research held up an iPod, iPhone, iPad Touch on stage and looked over to a television antenna 3 meters away. The signal picked up by the antenna, routed through an amplifier and computer software, revealed the secret key being used by an application running on the device to encrypt data. An attacker with access to this key could use it to perfectly impersonate the device he stole it from—to access email on a company server, for example.

The antenna was detecting radio signals "leaking" from the transistors on the chip inside the phone performing the encryption calculations. Transistors leak those signals when they are active, so the pattern of signals from a chip gives an eavesdropper a representation of the work the chip is doing. When Kenworthy tuned his equipment to look in the right place, a clear, regular pattern of peaks and troughs appeared on his computer screen. They could be seen to come in two varieties, big and small, directly corresponding to the string of digital 1s and 0s that make up the encryption key.

"This antenna is not supposed to work at this frequency, and it's been in someone's attic for years and is a bit bent," added Kenworthy, a principal engineer at Cryptography Research. "You could build an antenna into the side of a van to increase your gain—well, now you have gone from 10 feet to 300 feet."

Kenworthy and Benjamin Jun, Cryptography Research's chief technology officer, also demonstrated how a loop of wire held close to two models of smartphone could pick up their secret keys. The signal from an HTC Evo 4G smartphone was a direct transcript of the device's key, used as part of a common cryptographic algorithm called RSA.
The researchers required a more complex statistical analysis to successfully capture a key from another HTC device, which was used as part of an encryption scheme known as AES.

Benjamin Jun added that all the devices his company has tested produced signals of some kind that could betray their keys, although different eavesdropping techniques were necessary for different devices. While some could be vulnerable to a long-range attack, as in the iPod demonstration, others like the HTC devices would require an attacker to get up close. But that could be practical, said Benjamin Jun, if contactless receivers used to collect payments from phones with NFC chips were modified by crooks. NFC chips are expected to become widely available in smartphones in coming months as Google and other companies develop contactless mobile payment systems.

The apps used in Benjamin Jun and Kenworthy's demonstrations were of their own design, because it would be "bad manners" to demonstrate sniffing keys from other companies' apps, said Benjamin Jun. However, the researchers have shown privately that they can eavesdrop on encryption keys from any app or mobile software, he said. Details of the vulnerabilities uncovered have been provided to handset manufacturers. "We've notified all the phone vendors and manufacturers, and there's a lot of work being done on this now," he said. "I can't name names, but I will say that we're working with one large tablet and smart-phone manufacturer."

Modifications to the hardware or software of a mobile device can muddy the signals that an eavesdropper can pick up. Many wireless credit card readers already include such countermeasures, added Benjamin Jun. In the case of smartphones and tablets, software upgrades that split operations using cryptographic keys into multiple parts that are then combined could protect existing devices without changes to hardware, said Benjamin Jun. However, such tactics come at a cost. "They do require some kind of performance hit," added Benjamin Jun, because they ask a chip to do more work. That also means more power consumption, which could deter some developers, who are loath to waste precious battery life.
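
The link between the two kinds of peaks and the key bits, and the extra work needed to hide it, can be seen in an operation-level model. This is an added example, not code from the article or from Cryptography Research; the function names and the toy RSA numbers are constructed, and the Montgomery ladder is one standard way to make the operation sequence independent of the key, which the article does not name.

```python
# Added illustration: an operation-level model of the leak, not device code.
# 'S' = modular square, 'M' = modular multiply; in a real trace these show up
# as two distinguishable peak shapes. All key values are constructed toy numbers.

def square_and_multiply(base, exp, mod):
    """Textbook left-to-right exponentiation. Returns (result, op trace)."""
    result, trace = 1, []
    for bit in bin(exp)[2:]:
        result = result * result % mod
        trace.append("S")
        if bit == "1":                      # extra operation only for 1 bits
            result = result * base % mod
            trace.append("M")
    return result, "".join(trace)

def bits_visible_in(trace):
    """Bits readable from the op sequence: 'SM' is a 1, a lone 'S' is a 0."""
    return trace.replace("SM", "1").replace("S", "0")

def montgomery_ladder(base, exp, mod):
    """Regular variant: one multiply and one square per bit, whatever the bit."""
    r0, r1, trace = 1, base % mod, []
    for bit in bin(exp)[2:]:
        if bit == "1":
            r0, r1 = r0 * r1 % mod, r1 * r1 % mod
        else:
            r0, r1 = r0 * r0 % mod, r0 * r1 % mod
        trace.append("MS")                  # same op types for 0 and 1
    return r0, "".join(trace)

# Constructed toy RSA parameters (far too small for real use).
N, D, MSG = 3233, 2753, 65

def demo():
    leaky_result, leaky_trace = square_and_multiply(MSG, D, N)
    safe_result, safe_trace = montgomery_ladder(MSG, D, N)
    return {
        "results_match": leaky_result == safe_result == pow(MSG, D, N),
        "leaked_bits": bits_visible_in(leaky_trace),
        "key_bits": bin(D)[2:],
        "ladder_trace_is_uniform": safe_trace == "MS" * D.bit_length(),
        "ops_leaky": len(leaky_trace),
        "ops_ladder": len(safe_trace),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The model tracks only the order of operation types, not data-dependent leakage such as the kind that needed statistical analysis in the AES case. The higher operation count of the regular variant is the sort of extra work behind the performance hit mentioned above.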