Stealing Keys from PCs Using a Radio: Cheap Electromagnetic Attacks on Windowed Exponentiation
Updated: Jul 29
Eran Tromer's team presented new side-channel attacks on RSA and ElGamal implementations that use sliding-window or fixed-window (m-ary) modular exponentiation. The attacks extract decryption keys using a very low measurement bandwidth (a frequency band of less than 100 kHz around a carrier under 2 MHz) even when attacking multi-GHz CPUs.
They demonstrated the attacks’ feasibility by extracting keys from GnuPG (unmodified ElGamal and non-blinded RSA), within seconds, using a nonintrusive measurement of electromagnetic emanations from laptop computers. The measurement equipment is cheap and compact, uses readily-available components (a Software Defined Radio USB dongle or a consumer-grade radio receiver), and can operate untethered while concealed, e.g., inside pita bread.