Smart Phones ‘Leak’ Crypto Keys

Thursday, March 1, 2012 @ 04:03 PM gHale


Smart phones used for sensitive transactions leak data an attacker could use to recover the cryptographic keys securing connections, researchers said.

Tests using about $1,000 worth of off-the-shelf equipment were able to pick up power usage information from phones’ CPUs from as far away as 30 feet, said Benjamin Jun, vice president of technology at Cryptography Research Inc. An attacker could analyze the data and learn the cryptographic keys generated and used.

RELATED STORIES
Smartphone Security Faces Big Problem
DDoS Tool Heads to Android
Mobile Malware Skyrocketing
Hackers Find Cell Phone Location

“That distance was a surprise to me,” said Jun, who is presenting results of the research at this week’s RSA Conference. Picking off the signals at that distance required a fairly bulky cell base station antenna. But smaller loop and e-field antennas were able to pick up usable signals at distances of a few inches or a few feet.

“What we’re trying to do here is not show the limits of what can be done,” but to determine the amount of data leakage and demonstrate the dangers it poses, Jun said.

By analyzing power consumption in the CPU during cryptographic processes, an attacker could extract data, including crypto keys.

Passive power analysis attacks against cryptography are not new and practical countermeasures are available. They include reducing or obfuscating the signals leaked, masking them with noise, adding randomness to the crypto processes, or changing protocol usages to make the keys less obvious.

Unfortunately, some of these measures can have performance impacts of from 10 to 400 percent, depending on the countermeasures and the algorithm used.

Fixes can go into smart-phone hardware, operating systems and applications. Manufacturers and developers are responding to the threat, Jun said.

“This is a bit of an eye-opener,” he said. “We’re getting a lot of response at all three levels.” Although security has not often been a priority in smart-phone design and application development, “there are mobile devices shipping today with countermeasures, so I think it is a matter of when, not if, it is done.”

Smart, Internet-enabled cell phones use cryptography in for different duties, including Virtual Private Networking, SSL Web traffic, securing financial transactions and encrypting data stored on the phone. Typically these functions lean more toward convenience.

“The whole point is to get you to your data as quickly as possible,” Jun said. “We are asking these devices to do computations with secrets that were traditionally done in more secure environments.”

Cryptographic computations do not broadcast on the cellular signal but an attacker can pick them up through electromagnetic emanations generated by electrical activity in a phone’s chips. The phones exploited in the tests meet Federal Communications Commission requirements that leakage not cause harmful interference with communications.

Jun and Gary Kenworthy demonstrated an attack against elliptic curve cryptography on a PDA from 10 feet away, and against an Android app on an HTC Evo 4G phone using a loop antenna placed against the back of the phone. They used a $400 receiver and analyzed signals using well-known power analysis tools.

“We found we were able to see emissions from the devices that were associated with what the phone was doing,” Jun said.



Leave a Reply

You must be logged in to post a comment.