Using a video camera connected to the Internet
The news was recently released that a group of researchers from Israel developed a new method of attack that allows remotely retrieve encryption key values performing the analysis of the LED indicator.
Yes, although for many it sounds something really ridiculous or impossible, this attack makes it possible to recover the encryption keys based on in ECDSA and SIKE algorithms through video analysis of a camera that captures the LED indicator of a smart card reader or a device connected to a USB hub with a smartphone that performs operations with the dongle.
About the attack, it is mentioned that the method was developed based on the fact that in the course of calculations, depending on the operations performed on the CPU, power consumption changes, causing small fluctuations in the brightness of the power LEDs.
The change in brightness, which directly correlates with the calculations made, it can be captured on modern digital video surveillance cameras or smartphone cameras, and analysis of the camera data allows you to indirectly restore the information used in the calculations.
To circumvent the sampling precision limitation associated with recording only 60 or 120 frames per second, the rolling shutter mode supported by some cameras was used, which reflects different parts of a rapidly changing object at different times in a frame.
Based on this observation, we show how attackers can exploit commercial video cameras (for example, an iPhone 13 camera or an Internet-connected security camera) to recover secret keys from devices.
Using this mode allows you to analyze up to 60k brightness measurements per second when shooting on an iPhone 13 Pro Max camera with a starting rate of 120 FPS, if the LED indicator image fills the entire frame. The analysis considered the change in the individual color components (RGB) of the indicator, depending on changes in processor power consumption.
Frames from the device's power LED video sequences are parsed into RGB space and the associated RGB values are used to retrieve the secret key by inducing device power consumption from the RGB values.
Known Hertzbleed attack methods were used to recover the keys. to the SIKE key encapsulation mechanism and from Minerva to the ECDSA digital signature algorithm, adapted for use with another leak source through third-party channels.
The attack alone is effective when using vulnerable implementations of ECDSA and SIKE in the Libgcrypt and PQCrypto-SIDH libraries. For example, the affected libraries are used in the Samsung Galaxy S8 smartphone and six smart cards purchased from Amazon from five different manufacturers.
The researchers conducted two successful experiments:
- In the first, it was possible to recover a 256-bit ECDSA key from a smart card by analyzing video of the smart card reader's LED indicator, filmed on a global network-connected video surveillance camera located 16 meters from the device. The attack took around an hour and required the creation of 10,000 digital signatures.
- In the second experiment, it was possible to recover the 378-bit SIKE key used in the Samsung Galaxy S8 smartphone based on the analysis of the video recording of the power indicator of Logitech Z120 USB speakers connected to a USB hub via the which smartphone was charged.
The video was shot with an iPhone 13 Pro Max and during the analysis, a ciphertext attack was performed on a smartphone (gradual guessing based on manipulating the ciphertext and obtaining its decryption), during which 121.000 operations were performed with the SIKE key.
Finally, if you are interested in knowing more about it, you can consult the details In the following link.