Optical Cryptanalysis: Recovering Cryptographic Keys from Power LED Light Fluctuations

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14330%2F23%3A00131846" target="_blank" >RIV/00216224:14330/23:00131846 - isvavai.cz</a>

Výsledek na webu

<a href="http://dx.doi.org/10.1145/3576915.3616620" target="_blank" >http://dx.doi.org/10.1145/3576915.3616620</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1145/3576915.3616620" target="_blank" >10.1145/3576915.3616620</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Optical Cryptanalysis: Recovering Cryptographic Keys from Power LED Light Fluctuations

Popis výsledku v původním jazyce

Although power LEDs have been integrated in various devices that perform cryptographic operations for decades, the cryptanalysis risk they pose has not yet been investigated. In this paper, we present optical cryptanalysis, a new form of cryptanalytic side- channel attack, in which secret keys are extracted by using a pho- todiode to measure the light emitted by a device’s power LED and analyzing subtle fluctuations in the light intensity during crypto- graphic operations. We analyze the optical leakage of power LEDs of various consumer devices and the factors that affect the optical SNR. We then demonstrate end-to-end optical cryptanalytic attacks against a range of consumer devices (smartphone, smartcard, and Raspberry Pi, along with their USB peripherals) and recover secret keys (RSA, ECDSA, SIKE) from prior and recent versions of popular cryptographic libraries (GnuPG, Libgcrypt, PQCrypto-SIDH) from a maximum distance of 25 meters.

Název v anglickém jazyce

Optical Cryptanalysis: Recovering Cryptographic Keys from Power LED Light Fluctuations

Popis výsledku anglicky

Although power LEDs have been integrated in various devices that perform cryptographic operations for decades, the cryptanalysis risk they pose has not yet been investigated. In this paper, we present optical cryptanalysis, a new form of cryptanalytic side- channel attack, in which secret keys are extracted by using a pho- todiode to measure the light emitted by a device’s power LED and analyzing subtle fluctuations in the light intensity during crypto- graphic operations. We analyze the optical leakage of power LEDs of various consumer devices and the factors that affect the optical SNR. We then demonstrate end-to-end optical cryptanalytic attacks against a range of consumer devices (smartphone, smartcard, and Raspberry Pi, along with their USB peripherals) and recover secret keys (RSA, ECDSA, SIKE) from prior and recent versions of popular cryptographic libraries (GnuPG, Libgcrypt, PQCrypto-SIDH) from a maximum distance of 25 meters.

Druh

D - Stať ve sborníku

CEP obor

—

OECD FORD obor

10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Projekt

—

Návaznosti

S - Specificky vyzkum na vysokych skolach

Rok uplatnění

2023

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

30th ACM Conference on Computer and Communications Security (CCS'2023)

ISBN

9798400700507

ISSN

—

e-ISSN

—

Počet stran výsledku

13

Strana od-do

268-280

Název nakladatele

Association for Computing Machinery

Místo vydání

New York, NY, USA

Místo konání akce

Copenhagen, Denmark

Datum konání akce

26. 11. 2023

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

001124987200019