Since the inception of RSA public-key encryption in 1977, it has acted as a sentinel guarding online privacy and verified authenticity across the globe while using computers, gadgets and web browsers. But now it seems, like any other product cycle, this one too has reached the platform and soon enough it might require a revamp. A team of three researchers in Israel has claimed their ability to crack 4096-bit RSA encryption keys by listening to internal computer components that produces shrilling noises.
Researchers said that they studied the noises produced by computer and this noise as they say is not the whirring of fan but generated by other internal components. With the use of microphone, they gathered the noise and interpreted it with the help of a software. The same team also created the deciphering software. After a long series of trial and effort, the trio was able to crack the code.
In order to understand noise, it must create a particular pattern, which is not possible with a single character, so the researchers created a method as per which, they sent a cyphertext to the machine, which was under observation. This cyphertext had embedded code that caused looping and so the noise repeated enough times hence generated a pattern that became easier to map. Consequent upon which, it drew together the encryption keys, which fell into the hands of the researchers aka hackers.
With a laptop, the software and some simple hardware the researchers cracked encryption keys on a second laptop, claiming it as one of the easiest methods that can be ported to various machines. Similar thing was done using cell phone. Packaging it in software, it could be pushed out as a malware, and thus take the control of encryption keys on infected devices and sending them back to the hacker asserted the researchers.
They further said that an attack on low-bandwidth computers could also be made with the same process, that’ll include by calculating the electrical potential of a computer’s chassis.
Image: Mashable
