At the RSA computer security conference last week, Gary Kenworthy of Cryptography Research held up an iPod Touch on stage and looked over to a TV antenna three meters away. The signal picked up by the antenna, routed through an amplifier and computer software, revealed the secret key being used by an app running on the device to encrypt data. An attacker with access to this key could use it to perfectly impersonate the device he stole it from—to access e-mail on a company server, for example.
The antenna was detecting radio signals “leaking” from the transistors on the chip inside the phone performing the encryption calculations. Transistors leak those signals when they are active, so the pattern of signals from a chip provides an eavesdropper a representation of the work the chip is doing. When Kenworthy tuned his equipment to look in the right place, a clear, regular pattern of peaks and troughs appeared on his computer screen. They could be seen to come in two varieties, large and small, directly corresponding to the string of digital 1s and 0s that make up the encryption key.
“[This] antenna is not supposed to work at this frequency, and it’s been in someone’s attic for years and is a bit bent,” said Kenworthy, a principal engineer at Cryptography Research. “You could build an antenna into the side of a van to increase your gain—well, now you’ve gone from 10 feet to 300 feet.”
Kenworthy and Benjamin Jun, Cryptography Research’s chief technology officer, also demonstrated how a loop of wire held close to two models of smart phone could pick up their secret keys. The signal from an HTC Evo 4G smart phone was a direct transcript of the device’s key, used as part of a common cryptographic algorithm called RSA. The researchers required a more complex statistical analysis to successfully capture a key from another HTC device, which was used as part of an encryption scheme known as AES.
Jun said that all the devices his company has tested produced signals of some kind that could betray their keys, although different eavesdropping techniques were necessary for different devices. While some could be vulnerable to a long-range attack, as in the iPod demonstration, others like the HTC devices would require an attacker to get up close. But that could be practical, said Jun, if contactless receivers used to collect payments from phones with NFC chips were modified by crooks. NFC chips are expected to become widely available in smart phones in coming months as Google and other companies develop contactless mobile payment systems.
The apps used in Jun and Kenworthy’s demonstrations were of their own design, because it would be “bad manners” to demonstrate sniffing keys from other company’s apps, said Jun. However, the researchers have shown privately that they can eavesdrop on encryption keys from any app or mobile software, he said.
Details of the vulnerabilities uncovered have been provided to handset manufacturers. “We’ve notified all the phone vendors and manufacturers, and there’s a lot of work being done on this now,” he said. “I can’t name names, but I will say that we’re working with one large tablet and smart-phone manufacturer.”
Modifications to the hardware or software of a mobile device can muddy the signals that an eavesdropper can pick up. Many wireless credit-card readers already include such countermeasures, said Jun.
In the case of smart phones and tablets, software upgrades that split operations using cryptographic keys into multiple parts that are then combined could protect existing devices without changes to hardware, said Jun. However, such tactics come at a cost. “They do require some kind of performance hit,” said Jun, because they ask a chip to do more work. That also means more power consumption, which could deter some developers, who are loath to waste precious battery life.