
Researchers help close security hole in popular encryption software

August 09, 2018

Cybersecurity researchers at the Georgia Institute of Technology have helped close a security vulnerability that could have allowed hackers to steal encryption keys from a popular security package by briefly listening in on unintended "side channel" signals from smartphones.

The attack, which was reported to software developers before it was publicized, took advantage of programming that was, ironically, designed to provide better security. The attack used intercepted electromagnetic signals from the phones that could have been analyzed using a small portable device costing less than a thousand dollars. Unlike earlier intercept attempts that required analyzing many logins, the "One & Done" attack was carried out by eavesdropping on just one decryption cycle.

"This is something that could be done at an airport to steal people's information without arousing suspicion and makes the so-called 'coffee shop attack' much more realistic," said Milos Prvulovic, associate chair of Georgia Tech's School of Computer Science. "The designers of encryption software now have another issue that they need to take into account because continuous snooping over long periods of time would no longer be required to steal this information."

The side channel attack is believed to be the first to retrieve the secret exponent of an encryption key in a modern version of OpenSSL without relying on the cache organization and/or timing. OpenSSL is a popular encryption program used for secure interactions on websites and for signature authentication. The attack showed that a single recording of a cryptography key trace was sufficient to break 2048 bits of a private RSA key.

Results of the research, which was supported in part by the National Science Foundation, the Defense Advanced Research Projects Agency (DARPA), and the Air Force Research Laboratory (AFRL), will be presented at the 27th USENIX Security Symposium on August 16th in Baltimore.

After successfully attacking the phones and an embedded system board - which all used ARM processors - the researchers proposed a fix for the vulnerability, which was adopted in versions of the software made available in May.

Side channel attacks extract sensitive information from signals created by electronic activity within computing devices during normal operation. The signals include electromagnetic emanations created by current flows within the devices' computational and power-delivery circuitry, variation in power consumption, and also sound, temperature and chassis potential variation. These emanations are very different from the communications signals the devices are designed to produce.

In their demonstration, Prvulovic and collaborator Alenka Zajic listened in on two different Android phones using probes located near, but not touching, the devices. In a real attack, signals could be received from phones or other mobile devices by antennas located beneath tables or hidden in nearby furniture.

The "One & Done" attack analyzed signals in a relatively narrow (40 MHz wide) band around the phones' processor clock frequencies, which are close to 1 GHz (1,000 MHz). The researchers took advantage of a uniformity in programming that had been designed to overcome earlier vulnerabilities involving variations in how the programs operate.

"Any variation is essentially leaking information about what the program is doing, but the constancy allowed us to pinpoint where we needed to look," said Prvulovic. "Once we got the attack to work, we were able to suggest a fix for it fairly quickly. Programmers need to understand that portions of the code that are working on secret bits need to be written in a very particular way to avoid having them leak."

The researchers are now looking at other software that may have similar vulnerabilities, and expect to develop a program that would allow automated analysis of security vulnerabilities.

"Our goal is to automate this process so it can be used on any code," said Zajic, an associate professor in Georgia Tech's School of Electrical and Computer Engineering. "We'd like to be able to identify portions of code that could be leaky and require a fix. Right now, finding these portions requires considerable expertise and manual examination."

Side channel attacks are still relatively rare, but Prvulovic says the success of "One & Done" demonstrates an unexpected vulnerability. The availability of low-cost signal processing devices small enough to use in coffee shops or airports could make the attacks more practical.

"We now have relatively cheap and compact devices - smaller than a USB drive - that are capable of analyzing these signals," said Prvulovic. "Ten years ago, the analysis of this signal would have taken days. Now it takes just seconds, and can be done anywhere - not just in a lab setting."

Producers of mobile devices are becoming more aware of the need to protect electromagnetic signals of phones, tablets and laptops from interception by shielding their side channel emissions. Improving the software running on the devices is also important, but Prvulovic suggests that users of mobile devices must also play a security role.

"This is something that needs to be addressed at all levels," he said. "A combination of factors - better hardware, better software and cautious computer hygiene - make you safer. You should not be paranoid about using your devices in public locations, but you should be cautious about accessing banking systems or plugging your device into unprotected USB chargers."

In addition to those already mentioned, the research involved Monjur M. Alam, Haider A. Khan, Moutmita Dey, Nishith Sinha and Robert Callen, all of Georgia Tech.
This work has been supported, in part, by the National Science Foundation under grant 1563991 and by the Air Force Research Laboratory and DARPA LADS under contract FA8650-16-C-7620. The views and findings in this paper are those of the authors and do not necessarily reflect the official views of NSF, DARPA or the AFRL.

CITATION: Monjur M. Alam, et al., "One&Done: A Single-Decryption EM-Based Attack on OpenSSL's Constant-Time Blinded RSA," Proceedings of the 27th USENIX Security Symposium.

Georgia Institute of Technology
