A shocking discovery has been made by researchers, unveiling an innovative method for extracting covert encryption keys from smart cards and smartphones.
Utilizing the integrated cameras of iPhones or surveillance systems, they record videos of power LEDs, serving as indicators for device activation.
These attacks unveil a new method to take advantage of existing flaws by exploiting two side channels that were already identified.
Hackers Exploit Side-Channel Attacks
In the context of security breaches, side channels represent a particular attack category, exploiting the accidental disclosure of physical signals emitted by a device while engaged in cryptographic calculations.
Attackers can stealthily collect valuable intelligence by closely monitoring variables like power consumption, sound patterns, electromagnetic emissions, and operation durations.
Successful exploitation of such information could reveal the secret keys and make the cryptographic algorithm.
While performing cryptographic operations, in the first instance of an attack, a surveillance camera with internet connectivity captures a swift video of the power LED indicator on a smart card reader.
The researchers managed to extract a 256-bit ECDSA key from the Minerva-utilized smart card that had received government approval by utilizing this new approach.
During a separate attack, the researchers retrieved the private SIKE key belonging to a Samsung Galaxy S8 phone.
By directing the camera of an iPhone 13 towards the power LED of a USB speaker connected to the device, they successfully achieved this goal.
Power LEDs are specifically crafted to offer a visual indication, showing the activation or powering of a device. The complete research paper can be found here.
Limitation of Attacks
It is important to highlight the limitations of both attacks, which prevent their possibility in many real-world scenarios, although exceptions do exist.
Moreover, the significance of the published research lies in its breakthrough nature, presenting a completely innovative means to enable side-channel attacks.
While apart from this, the new method succeeds over the primary challenge that prevents previous approaches from exploiting side channels.
