Private Keys Vulnerabilities to Side Channel Attacks
The Public Key Infrastructure has been the staple of cryptography for over forty years.
The simple and ingenious system introduced to the world of information technology the concept of “asymmetric” encryption; a way in which a message can be encrypted, but only unlocked by one particular user. While the public key is accessible to all and can be used to encrypt a message, however only the intended recipient – the one who possessed the private key – can actually read it.
This seemed to offer a great solution to encryption and decryption without the need to pre-share a common key, one which found the balance between security and usability.
Over the past several years, however, weaknesses in the PKI system began to emerge. Systemic vulnerabilities exposed public key systems to a slew of attacks, from Man in the Middle, to certificate theft.
This blog has devoted several posts to break down the security and logistical issues associated with current public key encryption.
But beyond the danger of more conventional attacks, PKI also exposes users to more creative hacks.
Side Channeling and PKI Encryption
The niche of side channel hacks is a unique field.
While direct hacks seek weaknesses in the algorithms of computer systems themselves, side channel attacks seek to glean compromising data from second output channels.
Side channel methods can get pretty creative. Everything from heat signatures emanating from a server to blinking lights on a router can be capitalized on. Because PKI secrets are nearly impossible to break with conventional computers, side channeling has long been explored as a means to overcome the public key encryption.
Recently, a group of researchers came up with an ingenious method to hack PKI, implementing a method that had yet to be fully explored by experts.
In an August conference on information security held in Baltimore, Maryland, a group of scientists from Georgia Tech were able to intercept electromagnetic signals from mobile phones in order to reconstruct private keys.
How did they pull it off?
Mobile phones generate unique signals that emanate outward in the form of electromagnetic waves. A series of analog signals are unintentionally produced by the phones during the process of encrypting messages, which essentially involves multiplying really big numbers. Because the private key is a highly complex integer, the device creates an extremely long string of signals as it is being generated. The irony of this is that the stronger the encryption is, the stronger the electric signals are–and the easier they are to intercept, higher encryption leads to a stronger signal.
After narrowing in on the frequency band that contained the relevant information, the scientists used a process called demodulation, to reconstruct the numbers indicated by each electromagnetic pulse, giving them all they needed to decrypt data being transmitted by the phone. Perhaps the most surprising find of these researchers was that this attack did not require a major investment in resources and equipment–as many side channel hacks do. The Georgia Tech team retrieved all compromising data using a software-defined radio anyone can pick up for less than $1,000.
The Vulnerabilities Build Up
The amazing discovery by the Georgia Tech team is just the latest innate vulnerability to be discovered in PKI based cryptography. Their experiment showed that not only is PKI susceptible to traditional direct hacks, but that the very generation of private keys leaves open the possibility for that secret to be intercepted–even if hackers have to resort to “non-traditional” means.
The solution? Circumvent all of the weaknesses inherent in PKI.
Users implementing algorithms that do not rely on Public Key Infrastructure such as Secret Sharing are immune to all of PKI’s weaknesses. Platforms capitalizing on this technology, consisting of multi-channel and out-of-band authentication mechanisms, represent the strongest in password-less authentication, allowing the user to transcend all the security flaws of contemporary standard encryption.
Navigating the NIST AIM Guidelines
Navigating the NIST AIM Guidelines
How to Secure the Health Industry