Cryptography and its weaknesses

January 21, 2014

Encryption of data is a fundamental part of protecting personal information stored by an agency or organisation. Or at least it should be. Keeping data in the clear makes the work of a hacker easier once he or she breaks into a system. Data breaches should be avoided by having up-to-date and suitably effective systems. Even so, they happen. In that case mitigating loss is important. It is certainly an important factor privacy commissioners look at when assessing the steps taken to maintain data security. But what if the underlying basis of encryption is compromised? That has partly been the case, following revelations that the NSA has been able to break encryption codes by various means, including having access to the “back door” of some of the programs.

In “Unsafe and sound”, the Economist considers another, quite ingenious, way in which acoustics are being used to decrypt text.

It provides:

EAVESDROPPING, be it simply sticking an ear against a door or listening to and analysing the noises made by tapping different keys on a keyboard, is a stock-in-trade of spying. Listening to a computer itself, though, as it hums away doing its calculations, is a new idea. But it is one whose time has come, according to Adi Shamir, of the Weizmann Institute, in Israel, and his colleagues. And Dr Shamir should know. He donated the initial letter of his surname to the acronym “RSA”, one of the most commonly used forms of encryption. Acoustic cryptanalysis, as the new method is known, threatens RSA’s security.

Acoustic cryptanalysis works by listening to a computer’s sonic signature—the noise its capacitors and coils make as they vibrate in response to the amount of power being drawn by its processor. Dr Shamir and his collaborator Eran Tromer, of Tel Aviv University, showed in 2004 that processing different RSA keys (the huge numbers needed to unlock the hidden message) produces different sonic signatures. At the time, they were unable to extract from these signatures the individual binary digits (bits) of a key, but in collaboration with Daniel Genkin of the Technion-Israel Institute of Technology they have overcome this obstacle, by tricking machines into decrypting known pieces of text.

Applying their method to GnuPG, a popular version of RSA, they thus extracted full 4,096-bit keys from a range of laptops in less than an hour. This would let anyone with malign intent read encrypted messages sent to those computers.

Tricking the machines proved surprisingly easy. Encrypted incoming e-mails are often decrypted as they arrive, so all the three researchers had to do was send the laptops encrypted e-mails carefully crafted so the acoustic leakage produced by decrypting them was specifically related to the value of particular bits in the key. A series of such texts, each building on knowledge gleaned from the previous attack, gradually builds up the whole number.

The victim of such an attack will probably not realise something is wrong until he looks at the decrypted text and realises it is gobbledygook. And, given the volume of e-mails many people receive, there is a good chance that, if the attacking e-mails are made to look like spam, or are backdated so that they drop to the bottom of the recipient’s in-box, the attack may go unnoticed altogether.

All this is no good, of course, if the sender of the attacking e-mails cannot then listen to the computer’s hum. That can be done in several ways: with a good old-fashioned bugging microphone, for example; or with a parabolic mike some distance away; or by hijacking the target computer’s own microphone, perhaps on the pretext of a chat on Skype or a similar service.

If the attacker can get close to the computer himself, though (perhaps by organising a business meeting with the subject of the attack), an even cleverer approach is possible. A suitably programmed smartphone, placed close enough to the target, can both send the e-mails and do the analysis—a method tested, in a laboratory at least, by the researchers themselves.

GnuPG has now created a patch designed to protect against this particular type of attack, using a technique called “blinding”, which muddies the acoustic signature. But that merely starts an arms race between the blinders and the spies. And, as if all this were not enough, Dr Shamir, Dr Tromer and Mr Genkin have now shown that if a spy can somehow touch the target computer when it is decrypting an e-mail then he (or, rather, the electronic box of tricks he is wearing) can extract the key by measuring changes in the electric potential of the computer’s chassis relative to the ground potential of the room.

This will not be the first time a spy has gone to earth, for sure. But perhaps it is the first when he is able to keep spying as he does so.

This process of decryption demonstrates that merely having an encryption program is not, in practical terms, a sufficient response. For every program there is an attempt to subvert it. The legal issue is whether privacy commissioners will regard “ticking the box” on encryption as sufficient given the various ways hackers (and government agencies) seek to overcome encryption programs. Is it necessary for an organisation to keep up to date on developments in this area, and what efforts constitute reasonable efforts? On the other side of the divide, will privacy commissioners come to the view that encrypting data is too uncertain to constitute proper data security? In my view, not soon. But technology moves at such a pace that “never say no” is the safest option.
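
The “blinding” countermeasure mentioned in the quoted article, shown as an added example that is not taken from the Economist piece or from GnuPG's code: textbook RSA base blinding, in which the private-key exponentiation runs on a randomised value rather than on the ciphertext the sender chose. The key is a constructed toy key (far too weak for real use) and the function names are hypothetical.

```python
import secrets
from math import gcd

# Constructed toy key built from two Mersenne primes; far too weak for real use.
P, Q = 2**127 - 1, 2**89 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent (Python 3.8+)


def decrypt_unblinded(c):
    """Return (plaintext, operand raised to the private exponent)."""
    # The secret-key exponentiation runs directly on the sender's ciphertext,
    # so whoever chose c controls the numbers the processor works on.
    return pow(c, D, N), c


def decrypt_blinded(c):
    """Same result, but the private exponentiation sees a randomised operand."""
    while True:
        r = secrets.randbelow(N - 2) + 2      # fresh blinding factor per call
        if gcd(r, N) == 1:                    # r must be invertible mod N
            break
    blinded = (c * pow(r, E, N)) % N          # c * r^e
    m_times_r = pow(blinded, D, N)            # (c * r^e)^d = m * r  (mod N)
    return (m_times_r * pow(r, -1, N)) % N, blinded


def demo():
    m = int.from_bytes(b"constructed msg", "big")
    c = pow(m, E, N)                          # stands in for a sender-chosen ciphertext
    plain = [decrypt_unblinded(c) for _ in range(3)]
    blind = [decrypt_blinded(c) for _ in range(3)]
    return m, c, plain, blind


if __name__ == "__main__":
    m, c, plain, blind = demo()
    print("unblinded operands identical:", len({op for _, op in plain}) == 1)
    print("blinded operands distinct:   ", len({op for _, op in blind}) == 3)
    print("plaintext recovered:         ", all(p == m for p, _ in plain + blind))
```

Blinding removes the sender's control over what the private-key operation computes on; it does not make the hardware any quieter, which is why the article describes it as the start of an arms race.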
