Side-Channel PoC Attack Lifts Private RSA Keys from Mobile Phones

Researchers launched a Proof-of-Concept attack on two Android mobile phones and an embedded system board.

Researchers have developed a proof-of-concept side-channel attack that allows them to pull encryption keys from a single decryption for a modern version of OpenSSL. The attack impacts mobile devices — without physical access to the handsets.

A group of researchers at Georgia Tech were able to retrieve the encryption keys from mobile device analog signals unintentionally produced by processors – within seconds and without physical access to the devices. The private RSA encryption keys are pulled from encryption software program OpenSSL (specifically version 1.1.0g).

“The approach is demonstrated using electromagnetic emanations on two mobile phones and an embedded system, and after only one decryption in a fixed-window RSA implementation, it recovers enough bits of the secret exponents to enable very efficient (within seconds) reconstruction of the full private RSA key,” researchers said in a research paper presented at USENIX.

Side-channel attacks extract sensitive information, such as cryptographic keys, from signals created by electronic activity within computing devices as they carry out computation. There are an array of techniques to launch side-channel attacks, including using caches, branch predictors or analog signals.

In this instance, researchers launched the PoC attack on two Android mobile phones and an embedded system board, all packing ARM processors with high frequencies between 800MHz to 1.1GHz.

These frequencies are included in the signal capture capabilities of compact commercially available sub-$1,000 software-defined radio (SDR) receivers, such as the Ettus B200-mini, researchers said. The researchers placed receivers “very close” but without physical contact with the unopened phone cases (and for the embedded systems board they placed the probes about eight inches away); from there, they were able to capture the electromagnetic signals from the processors.

“The attack recovers the exponent’s bits during modular exponentiation from analog signals that are unintentionally produced by the processor as it executes the constant-time code that constructs the value of each ‘window’ in the exponent, rather than the signals that correspond to squaring/multiplication operations and/or cache behavior during multiplication and table lookup operations,” researchers explained.

Researchers said their technique correctly recovered between 95.7 to 99.6 percent (depending on the target system) of the secret exponents’ bits from the signals.

The issue can be mitigated when the bits of the exponent are only obtained from an exponent in integer-sized groups (tens of bits) rather than obtaining them one bit at a time.

“This mitigation is effective because it forces the attacker to attempt recovery of tens of bits from a single brief snippet of signal, rather than having a separate signal snippet for each individual bit,” researchers said.

Researchers said they submitted the mitigation to OpenSSL and a patch for integration was merged into the “master” branch of OpenSSL’s source code on May 20. Implementations will need to update their code accordingly.

Suggested articles