Optical Cryptanalysis: Recovering Cryptographic Keys from Power LED Light Fluctuations
The result's identifiers
Result code in IS VaVaI
<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14330%2F23%3A00131846" target="_blank" >RIV/00216224:14330/23:00131846 - isvavai.cz</a>
Result on the web
<a href="http://dx.doi.org/10.1145/3576915.3616620" target="_blank" >http://dx.doi.org/10.1145/3576915.3616620</a>
DOI - Digital Object Identifier
<a href="http://dx.doi.org/10.1145/3576915.3616620" target="_blank" >10.1145/3576915.3616620</a>
Alternative languages
Result language
angličtina
Original language name
Optical Cryptanalysis: Recovering Cryptographic Keys from Power LED Light Fluctuations
Original language description
Although power LEDs have been integrated in various devices that perform cryptographic operations for decades, the cryptanalysis risk they pose has not yet been investigated. In this paper, we present optical cryptanalysis, a new form of cryptanalytic side- channel attack, in which secret keys are extracted by using a pho- todiode to measure the light emitted by a device’s power LED and analyzing subtle fluctuations in the light intensity during crypto- graphic operations. We analyze the optical leakage of power LEDs of various consumer devices and the factors that affect the optical SNR. We then demonstrate end-to-end optical cryptanalytic attacks against a range of consumer devices (smartphone, smartcard, and Raspberry Pi, along with their USB peripherals) and recover secret keys (RSA, ECDSA, SIKE) from prior and recent versions of popular cryptographic libraries (GnuPG, Libgcrypt, PQCrypto-SIDH) from a maximum distance of 25 meters.
Czech name
—
Czech description
—
Classification
Type
D - Article in proceedings
CEP classification
—
OECD FORD branch
10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)
Result continuities
Project
—
Continuities
S - Specificky vyzkum na vysokych skolach
Others
Publication year
2023
Confidentiality
S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů
Data specific for result type
Article name in the collection
30th ACM Conference on Computer and Communications Security (CCS'2023)
ISBN
9798400700507
ISSN
—
e-ISSN
—
Number of pages
13
Pages from-to
268-280
Publisher name
Association for Computing Machinery
Place of publication
New York, NY, USA
Event location
Copenhagen, Denmark
Event date
Nov 26, 2023
Type of event by nationality
WRD - Celosvětová akce
UT code for WoS article
001124987200019