As if it wasn’t enough that the NSA paid RSA $10 million to adopt an algorithm that wasn’t entirely secure, researchers have now demonstrated that they can break even RSA 4096 bit encryption with little more than a few emails and a microphone. And that microphone can indeed just be one in a smartphone sitting on the desk.
Researchers from Tel Aviv University and the Weizmann Institute of Science discovered that they could steal even the largest, most secure RSA 4,096-bit encryption keys simply by listening to a laptop as it decrypts data.
To accomplish the trick, the researchers used a microphone to record the noises made by the computer, then ran that audio through filters to isolate the vibrations made by the electronic internals during the decryption process. With that accomplished, some cryptanalysis revealed the encryption key in around an hour.
Well, no, pace Engadget it is a little more complex than that. You can’t just listen to a computer and break the algos just like that.
Here’s what the researchers did do though. Send several emails to the system itself: this way they knew what the content of the emails was. They also recorded the sounds of the computer decoding those known emails. For all computers do indeed make noises as they work: not just the disk, other components make small sounds as they heat up, cool and so on.
Now the researchers have two sets of information and they know that actually, these two are connected. They’ve the noises made from decoding known emails. With that there is the possibility of pattern matching and that’s what they’re doing next. From that, as they say, they can extract the encryption key in around an hour.
This isn’t, of course, something that is ever going to be done on any large scale: it’s solely a one target sorta technique. You’ve got to be sending your test emails to a specific machine that you are then recording the sounds from. So it’s not going to be something that the NSA tries to randomly use on 300 million of us. But it would very much be a useful technique when a computer has been seized and no one knows what the encryption key to the data upon it is. Even there it won’t be used all the time: in my native UK it is actually illegal to have encrypted material that you refuse to hand over the key to if law enforcement asks you to. So the majority of material will be unlocked by the accused, but this would still help when said accused isn’t actually in custody.