submitted 2 years ago* (last edited 2 years ago) by PhantomPhanatic@lemmy.world to c/cybersecurity@sh.itjust.works
[-] PhantomPhanatic@lemmy.world 4 points 2 years ago* (last edited 2 years ago)

Power fluctuations on a USB hub indicate power draw and can be directly related to data sent over the bus. I can totally believe this.

This video explains the method in more detail: https://youtu.be/ITqBKRZvS3Y

[-] mo_ztt@lemmy.world 5 points 2 years ago* (last edited 2 years ago)

With the help of this video I found their paper. So: In order to compromise the smart card reader, they hooked up their own hardware to it and caused it to perform 10,500 signature operations while they carefully measured the brightness of the LED. For the Samsung private key attack, they're applying in a novel way an already-known timing attack caused by an interaction between the crypto library and the power-saving features of the processor. They threw large numbers of carefully crafted cryptographic operations at the CPU to cause it to change its voltage and power characteristics in ways it's not supposed to, which they then detected at a distance by observing the speaker's LED, which led them to be able to deduce the private key.

It's still extremely impressive and 100% valid research. But, I feel that "if we have access to the hardware / ability to attack the software at length, and in addition we can watch the LEDs, the LEDs can help with the attack operation we conduct" is a little different than what the article made it sound like.

[-] PhantomPhanatic@lemmy.world 0 points 2 years ago

Yeah, I pulled the paper as well since I was curious. As far as I understand it, for the card reader, they use the data they get from the LED to help with solving the key. The LEDs leak crucial information about each encryption calculation and some specific calculations give away more info than others so they had to capture many key exchanges. Not super useful in most cases but it demonstrates a novel way to observe leaked info.

I'll add a link to the paper to the post for easier access.
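Both comments above describe the same underlying weakness: an implementation whose sequence of operations depends on secret key bits produces a power (and therefore LED brightness) trace that an observer can read bits from, and a large number of captured operations lets the observer average out noise. The following toy model, added here as an illustration and not code from the paper or from anyone in this thread, shows the effect with a square-and-multiply exponentiation beside a Montgomery ladder whose operation sequence is the same for every key. The per-operation "cost units" (1 for a squaring, 2 for a multiply) are constructed values standing in for whatever the real observer measures; the function names and the `leakage_check` self-test are assumptions of this example.

```python
"""Toy leakage model: which exponentiation routines expose their key
through the *sequence* of operations they perform. Added example with
constructed cost values, not code from the paper discussed above."""

# Constructed cost units: what an observer would see per operation.
SQUARE_COST = 1
MULTIPLY_COST = 2


def naive_modexp(base, exp, mod, trace):
    """Left-to-right square-and-multiply.

    Performs an extra multiply only for 1 bits, so the recorded trace
    reveals the key bit by bit.
    """
    result = 1
    for bit in bin(exp)[2:]:
        result = (result * result) % mod
        trace.append(SQUARE_COST)          # squaring happens on every bit
        if bit == "1":
            result = (result * base) % mod
            trace.append(MULTIPLY_COST)    # multiply happens only on 1 bits
    return result


def ladder_modexp(base, exp, mod, trace):
    """Montgomery ladder: one multiply and one squaring per bit, whatever
    the bit value. The trace shows only the key length, not its bits.

    (Python big-int arithmetic is still value-dependent in timing; this
    model only captures the operation sequence, which is what the
    square-and-multiply routine leaks.)
    """
    r0, r1 = 1, base % mod
    for bit in bin(exp)[2:]:
        if bit == "0":
            r1 = (r0 * r1) % mod
            r0 = (r0 * r0) % mod
        else:
            r0 = (r0 * r1) % mod
            r1 = (r1 * r1) % mod
        trace.append(MULTIPLY_COST)
        trace.append(SQUARE_COST)
    return r0


def recover_bits_from_trace(trace):
    """Read key bits off a square-and-multiply trace: a multiply right
    after a squaring marks a 1 bit, a squaring alone marks a 0 bit."""
    bits = []
    i = 0
    while i < len(trace):
        if trace[i] != SQUARE_COST:
            raise ValueError("trace does not start each step with a squaring")
        if i + 1 < len(trace) and trace[i + 1] == MULTIPLY_COST:
            bits.append("1")
            i += 2
        else:
            bits.append("0")
            i += 1
    return "".join(bits)


def leakage_check(modexp_fn, keys, base=4, mod=497):
    """Defender's self-test (assumed helper): run the routine with several
    keys of the same bit length and report True only if every trace is
    identical, i.e. the operation sequence does not depend on the key."""
    traces = []
    for key in keys:
        trace = []
        modexp_fn(base, key, mod, trace)
        traces.append(trace)
    return all(t == traces[0] for t in traces)


if __name__ == "__main__":
    trace = []
    naive_modexp(4, 13, 497, trace)
    print("naive trace:", trace, "-> bits", recover_bits_from_trace(trace))
    print("naive key-independent:", leakage_check(naive_modexp, [13, 10]))
    print("ladder key-independent:", leakage_check(ladder_modexp, [13, 10]))
```

Running this prints the recovered bit string `1101` for the key 13 from the square-and-multiply trace alone, `False` for the naive routine's leakage check and `True` for the ladder. The same idea is how a reviewer can screen an implementation before it ships: feed it several keys and confirm the observable operation sequence does not change.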

[-] mo_ztt@lemmy.world 1 point 2 years ago

Sounds good to me. Like I say it's still extremely impressive; there's no need to omit the "and they also did a conventional attack at the same time which the LED helped with" part for it to be a great story.

this post was submitted on 17 Jun 2023
17 points (100.0% liked)