Researchers have devised a novel attack that recovers the secret encryption keys stored in smart cards and smartphones by using cameras in iPhones or commercial surveillance systems to video record power LEDs that show when the card reader or smartphone is turned on.

The attacks enable a new way to exploit two previously disclosed side channels, a class of attack that measures physical effects that leak from a device as it performs a cryptographic operation. The first attack uses an Internet-connected surveillance camera to take a high-speed video of the power LED on a smart card reader—or of an attached peripheral device—to pull a 256-bit ECDSA key off a government-approved smartcard. The other allowed the researchers to recover the private SIKE key of a Samsung Galaxy S8 phone by training the camera of an iPhone 13 on the power LED of a USB speaker connected to the handset.

https://arstechnica.com/information-technology/2023/06/hackers-can-steal-cryptographic-keys-by-video-recording-connected-power-leds-60-feet-away/

Hackers can steal cryptographic keys by video-recording power LEDs 60 feet away

Key-leaking side channels are a fact of life. Now they can be done by video-recording power LEDs.

Ars Technica
@dangoodin A mitigating factor in this attack is that the camera has to be close enough or zoomed in enough that the LED covers the entire picture.

@jaseg A commercial surveillance camera can pull off the attack from 60 feet away. How is having to zoom in a mitigating factor?

@dangoodin @jaseg

The real limitation of this technique is here:

> The video must be captured for 65 minutes, during which the reader must constantly perform the operation.

I can't think of a single real world situation where someone is typing their code or scanning a card nonstop during an hour.

Nevertheless, the study is a breakthrough that can lead to further research with real-world impact.

@mimic @dangoodin I think this is not too unrealistic. Consider a security camera pointed at a server in a datacenter. That server could easily be decrypting data with the same key for an hour. Or consider a credit card terminal at a supermarket checkout with a camera pointed to it. The CC terminal could also be talking to its SAMs, performing the same operation over and over for an hour.

@jaseg @dangoodin

You're right. I didn't think about these use cases. It is still restricted but can have real-world implications.

Thanks for sharing these insights!