Security

AES-256 keys sniffed in seconds using €200 of kit a few inches away

Van Eck phreaking getting surprisingly cheap


Side-channel attacks that monitor a computer's electromagnetic output to snaffle passwords are nothing new. They usually require direct access to the target system and a lot of expensive machinery – but no longer.

Researchers at Fox‑IT have managed to wirelessly extract secret AES-256 encryption keys from a distance of one metre (3.3 feet) – using €200 (~US$224) worth of parts obtained from a standard electronics store – just by measuring electromagnetic radiation. At that distance sniffing the keys over the air took five minutes, but if an attacker got within 30 centimetres (11.8 inches) of a device, the extraction time is cut down to just 50 seconds.

The research team used a simple loop antenna, attached it to an external amplifier and bandpass filters bought online, and then plugged it into a software defined radio USB stick they bought for €20. The entire cost of the setup was less than €200 and the device could be hidden in a jacket or laptop case.

They used this kit to record the radio signals generated by the power consumption of the SmartFusion2 target system running an ARM Cortex-M3-powered chip. By measuring the leakage between the Cortex processor and the AHB bus, the data showed the peaks and troughs of consumption as the encryption process was carried out.

By running a different encryption run on a test rig, the researchers mapped out how the power consumption related to individual bytes of information. That allowed them to take guesses at the 256 possible values of a single byte and the correct choice showed the highest power spike.

"Using this approach only requires us to spend a few seconds guessing the correct value for each byte in turn (256 options per byte, for 32 bytes – so a total of 8,192 guesses)," they wrote [PDF]. "In contrast, a direct brute-force attack on AES‑256 would require 2256 guesses and would not complete before the end of the universe."

The electromagnetic signals drop off rapidly the farther away you are from the target, but the researchers still managed the extraction from a distance of one metre, even though it took much longer to do so. Spending more on the equipment, however, would increase the range and speed of the attack.

"In practice this setup is well suited to attacking network encryption appliances," they wrote. "Many of these targets perform bulk encryption (possibly with attacker-controlled data) and the ciphertext is often easily captured from elsewhere in the network. This again underscores the need for deep expertise and defense-in-depth when designing high assurance systems."

There are, of course, some caveats. The tests took place under laboratory conditions, rather than in a busy office or server room where other signals might interfere with the data collection. But it's an interesting example of how an attack previously thought of as unfeasible due to cost and distance has been made easier by smarter and cheaper technology. ®

Send us news
92 Comments

Europol now latest cops to beg Big Tech to ditch E2EE

Don't bore us, get to the chorus: You need less privacy so we can protect the children

Sleuths who cracked Zodiac Killer's cipher thank the crowd

Fifty-one years of community contributions, software, and clever cryptanalysis contributed

Telegram eyes IPO as user numbers close in on 1 billion

Chat app chaps may even turn a profit this year

Nevada sues to deny kids access to Meta's Messenger encryption

State government says it's thinking of the children

European Court of Human Rights declares backdoored encryption is illegal

Surprising third-act twist as Russian case means more freedom for all

Feds post $15 million bounty for info on ALPHV/Blackcat ransomware crew

ALSO: EncroChat crims still getting busted; ransomware takes down CO public defenders office; and crit vulns

Raspberry Pi Pico cracks BitLocker in under a minute

Windows encryption feature defeated by $10 and a YouTube tutorial

Meta starts rolling out end-to-end encryption in Facebook Messenger

Surfing the cryptographic wave

Privacy crusaders accuse X of ad-targeting that flouts EU rules

Campaign to promote 'chat control' legislation allegedly sorted users by political views, religious beliefs

Bug hunters on your marks: TETRA radio encryption algorithms to enter public domain

Emergency comms standard had five nasty flaws but will be opened to academic research

EU lawmakers scolded for concealing identities of privacy-busting content-scanning 'experts'

Names of consultants on encryption bypass plan leaked anyway

UK may demand tech world tell it about upcoming security features

Campaigners say proposals to reform laws are 'dangerous' and an attack on safety