Partner links

He can steal your smart phone’s and tablet’s encryption keys

ASUS Transformer Duet TD 300

If you think that the encryption keys that your smart phone or tablet computer uses to protect data you want to keep others from accessing is secure, well … think again.

Crypto researchers have demonstrated that those encryption keys can be stolen using techniques that are not that difficult to assemble. Because I am very security conscious and like to pay close attention to matters of this nature, I felt I should bring it to your attention too. The article was originally published by Tom Simonite for Technology Review. The article goes like this:

At the RSA computer security conference last week, Gary Kenworthy of Cryptography Research held up an iPod Touch on stage and looked over to a TV antenna three meters away. The signal picked up by the antenna, routed through an amplifier and computer software, revealed the secret key being used by an app running on the device to encrypt data. An attacker with access to this key could use it to perfectly impersonate the device he stole it from—to access e-mail on a company server, for example.

The antenna was detecting radio signals “leaking” from the transistors on the chip inside the phone performing the encryption calculations. Transistors leak those signals when they are active, so the pattern of signals from a chip provides an eavesdropper a representation of the work the chip is doing. When Kenworthy tuned his equipment to look in the right place, a clear, regular pattern of peaks and troughs appeared on his computer screen. They could be seen to come in two varieties, large and small, directly corresponding to the string of digital 1s and 0s that make up the encryption key.

The signal from an HTC Evo 4G smart phone was a direct transcript of the device’s key, used as part of a common cryptographic algorithm called RSA. The researchers required a more complex statistical analysis to successfully capture a key from another HTC device, which was used as part of an encryption scheme known as AES.

Read the complete article here.

Share:

Facebook
Twitter
Pinterest
LinkedIn

Partner links

Newsletter: Subscribe for updates

Subscribe
Notify of
guest
3 Comments
Inline Feedbacks
View all comments

Get the latest

On social media

Security distros

Hacker
Linux distros for hacking and pentesting

Crypto mining OS

Bitcoin
Distros for mining bitcoin and other cryptocurrencies

Crypto hardware

MSI GeForce GTX 1070
Installing Nvidia GTX 1070 GPU drivers on Ubuntu

Disk guide

LVM
Beginner's guide to disks & disk partitions in Linux

Bash guide

Bash shell terminal
How to set the PATH variable in Bash
Categories
Archives
3
0
Hya, what do you think? Please comment.x
()
x