Tom Olzak

Laptop encryption under attack

In Uncategorized on June 29, 2015 at 16:05

In a recent post by Bruce Schneier, he quotes a paper and Wired article in which researchers claim to be able to capture decryption keys.  The capture uses a device, buildable for about $300, that can extract keys from electromagnetic radiation emanating from a laptop.  The device, however, must be within 50 cm (19.68 inches) of the target machine.  So using the device means access to a targeted office or theft of the laptop.

According to the paper’s authors,

“Different CPU operations have different power requirements. As different computations are performed during the decryption process, different electrical loads are placed on the voltage regulator that provides the processor with power. The regulator reacts to these varying loads, inadvertently producing electromagnetic radiation that propagates away from the laptop and can be picked up by a nearby observer. This radiation contains information regarding the CPU operations used in the decryption, which we use in our attack.”

We’ve been relying for years on encryption to protect our laptops, and it’s still a good idea.  The researchers write that this attack doesn’t necessarily work across all computers or on other algorithms other than the GnuPG solution tested.  Further research is required.

%d bloggers like this: