Menu
$199.99 HP Stream 11 Laptop is On Sale

$199.99 HP Stream 11 Laptop is On Sale

Cara Delevingne Recorded Song with Pharrell

Cara Delevingne Recorded Song with Pharrell

Black Friday 2014 iPad Deals will be Amazing

Black Friday 2014 iPad Deals will be Amazing

Oscar Pistorius gets Five Year Sentence after a Lengthy Trial

Oscar Pistorius gets Five Year Sentence after a Lengthy Trial

Dodge Charger SRT Hellcat Is Very Affordable

Dodge Charger SRT Hellcat Is Very Affordable

Researchers Break RSA 4096 Encryption With Just A Microphone And A Couple Of Emails

Dec 21 2013, 8:36am CST | by , in News

 
 

As if it wasn’t enough that the NSA paid RSA $10 million to adopt an algorithm that wasn’t entirely secure, researchers have now demonstrated that they can break even RSA 4096 bit encryption with little more than a few emails and a microphone. And that microphone can indeed just be one in a smartphone sitting on the desk.

Researchers from Tel Aviv University and the Weizmann Institute of Science discovered that they could steal even the largest, most secure RSA 4,096-bit encryption keys simply by listening to a laptop as it decrypts data.

To accomplish the trick, the researchers used a microphone to record the noises made by the computer, then ran that audio through filters to isolate the vibrations made by the electronic internals during the decryption process. With that accomplished, some cryptanalysis revealed the encryption key in around an hour.

Well, no, pace Engadget it is a little more complex than that. You can’t just listen to a computer and break the algos just like that.

Here’s what the researchers did do though. Send several emails to the system itself: this way they knew what the content of the emails was. They also recorded the sounds of the computer decoding those known emails. For all computers do indeed make noises as they work: not just the disk, other components make small sounds as they heat up, cool and so on.

Now the researchers have two sets of information and they know that actually, these two are connected. They’ve the noises made from decoding known emails. With that there is the possibility of pattern matching and that’s what they’re doing next. From that, as they say, they can extract the encryption key in around an hour.

This isn’t, of course, something that is ever going to be done on any large scale: it’s solely a one target sorta technique. You’ve got to be sending your test emails to a specific machine that you are then recording the sounds from. So it’s not going to be something that the NSA tries to randomly use on 300 million of us. But it would very much be a useful technique when a computer has been seized and no one knows what the encryption key to the data upon it is. Even there it won’t be used all the time: in my native UK it is actually illegal to have encrypted material that you refuse to hand over the key to if law enforcement asks you to. So the majority of material will be unlocked by the accused, but this would still help when said accused isn’t actually in custody.

Source: Forbes

Michelle Williams leaves CAA

Michelle Williams leaves CAA

12 hours ago, 9:46am CDT

Joanne Borgella Dies of Cancer

Joanne Borgella Dies of Cancer

12 hours ago, 9:42am CDT

Free Black Friday 2014 Lego Set Leaks

Free Black Friday 2014 Lego Set Leaks

13 hours ago, 9:25am CDT

Comments

blog comments powered by Disqus