Acoustic cryptanalysis
Acoustic cryptanalysis is a type of
Most of the modern acoustic cryptanalysis focuses on the sounds produced by
History
Victor Marchetti and John D. Marks eventually negotiated the declassification of CIA acoustic intercepts of the sounds of cleartext printing from encryption machines.[1] Technically this method of attack dates to the time of FFT hardware being cheap enough to perform the task; in this case the late 1960s to mid-1970s. However, using other more primitive means such acoustical attacks were made in the mid-1950s.
In his book
Known attacks
In 2004, Dmitri Asonov and Rakesh Agrawal of the
Also in 2004,
Acoustic emissions occur in coils and capacitors because of small movements when a current surge passes through them. Capacitors in particular change diameter slightly as their many layers experience electrostatic attraction/repulsion or piezoelectric size change.[6] A coil or capacitor which emits acoustic noise will, conversely, also be microphonic, and the high-end audio industry takes steps with coils[7] and capacitors[8] to reduce these microphonics (immissions) because they can muddy a hi-fi amplifier's sound.[citation needed]
In March 2015, it was made public that some inkjet printers using ultrasonic heads can be read back using high frequency
A new acoustic cryptanalysis technique discovered by a research team at Israel's Ben-Gurion University Cybersecurity Research Center allows data to be extracted using a computer's speakers and headphones.[citation needed] Forbes published a report stating that researchers found a way to see information being displayed, by using microphone, with 96.5% accuracy.[10]
In 2016, Genkin, Shamir, and Tromer published another paper that described a key extraction attack that relied on the acoustic emissions from laptop devices during the decryption process. They demonstrated the success of their attack with both a simple mobile phone and a more sensitive microphone.[11]
Countermeasures
This kind of cryptanalysis can be defeated by generating sounds that are in the same spectrum and same form as keypresses. If sounds of actual keypresses are randomly replayed, it may be possible to totally defeat such kinds of attacks. It is advisable to use at least 5 different recorded variations (36 x 5 = 180 variations) for each keypress to get around the issue of FFT fingerprinting.[12] Alternatively, white noise of a sufficient volume (which may be simpler to generate for playback) will also mask the acoustic emanations of individual keypresses.
See also
- TEMPEST
- ACOUSTINT
References
- ISBN 0394482395.
- ^ Wright, Peter (1987), Spycatcher: The candid autobiography of a senior intelligence officer, Viking
- ^ Yang, Sarah (14 September 2005). "Researchers recover typed text using audio recording of keystrokes". UC Berkeley News.
- ^ Shamir, Adi; Tromer, Eran. "Acoustic cryptanalysis: On nosy people and noisy machines". tau.ac.il.
- ^ Genkin, Daniel; Shamir, Adi; Tromer, Eran. "RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis". tau.ac.il.
- ^ "Capacitors for Reduced Micro phonics and Sound Emission" (PDF). CARTS 2007 Symposium Proceedings, Albuquerque. Electronic Components, Assemblies & Materials Association (ECA). March 2007. Archived from the original (PDF) on 2019-11-16. Retrieved 2014-01-24.
- ^ "FoilQ, .50mH 16ga". Meniscusaudio.com. Archived from the original on 2014-02-20. Retrieved 2014-01-24.
- ^ "50uF 250volt Metallized Polyester Mylar Film Capacitor-ERSE". Erseaudio.com. Retrieved 2014-01-24.
- ^ Michael Backes; Markus Dürmuth; Sebastian Gerling; Manfred Pinkal; Caroline Sporleder (January 9, 2011). "Acoustic Side-Channel Attacks on Printers" (PDF). eecs.umich.edu. Retrieved March 10, 2015.
- ^ Mathews, Lee (2018-08-31). "Now Hackers Can Spy On You By Listening To Your Screen". Forbes. Retrieved 2019-03-13.
- S2CID 31377774.
- ^ Asonov, Dmitri; Agrawal, Rakesh (2004), "Keyboard Acoustic Emanations" (PDF), IBM Almaden Research Center, archived from the original (PDF) on 2012-02-27, retrieved 2007-05-08