
Smartphone can use its microphone to extract RSA decryption key from laptop - BrandonMarc
https://www.schneier.com/blog/archives/2013/12/acoustic_crypta.html
======
ColinWright
Substantial discussion:

[https://news.ycombinator.com/item?id=6927905](https://news.ycombinator.com/item?id=6927905)
(tau.ac.il) (92 comments)

Other submissions:

[https://news.ycombinator.com/item?id=6940827](https://news.ycombinator.com/item?id=6940827)
(theregister.co.uk)

[https://news.ycombinator.com/item?id=6938536](https://news.ycombinator.com/item?id=6938536)
(dailymail.co.uk)

[https://news.ycombinator.com/item?id=6935289](https://news.ycombinator.com/item?id=6935289)
(tau.ac.il)

[https://news.ycombinator.com/item?id=6933255](https://news.ycombinator.com/item?id=6933255)
(slashdot.org)

[https://news.ycombinator.com/item?id=6932445](https://news.ycombinator.com/item?id=6932445)
(slideshare.net)

~~~
petercooper
I submitted it as well with a suffixed URL to force a repost. Your list is
proof, if any, that it's really down to chance now even if _excellent_ stuff
makes it to the front page anymore..

~~~
CaveTech
But it did make the front page... The first time it was submitted.

~~~
chadillac83
and 3 other times that I've seen...

------
sillysaurus2
I love that Shamir keeps doing work that makes people say "... this _can 't_
be true!"

Once again, this is a reminder that any adversary that has physical access to
your box can extract all your secrets, and there's almost nothing you can do
about it.

For defending against acoustic attacks when encrypting/decrypting/typing in
your password, play loud music. I recommend "What does the fox say?" by Ylvis
since it has a wide range of powerful frequencies.

(There are other types of physical attacks than acoustic attacks, so this is
more tongue in cheek than a real defense mechanism.)

~~~
kevingadd
To be clear, it's my understanding that playing music or generating artificial
noise won't actually do much to stop this attack. Listening to some good tunes
will definitely help distract you from worrying about attackers stealing your
private keys, though!

~~~
sillysaurus2
Heh. Even loud music? Why not?

Now I _really_ want to repeat Shamir's experiment with Gangnam Style blaring
just to see what would happen.

~~~
Houshalter
If I understand correctly, it's because the frequency it is listening to is
much higher than normal music. Also possibly because the algorithm is meant to
deal with noise.

~~~
nemesisj
I wonder if you couldn't just find some kind of white noise emitter that
randomly generates noise for the frequencies in the same band?

------
pflanze
Interesting. Reminds me of the times long ago when pocket calculators were a
new thing and I was also owning an AM/FM radio and held it close to the
calculators to listen to what they were "doing". You would hear a lot more in
the radio than the bit of whining and buzzing that you can hear acoustically
from nowaday's computers.

So, I was wondering, what about the FM radio built into many (if not most)
mobile phones? Connected my earbuds (they also function as antenna), turned on
the phone loudspeaker, laid the earbud cable over my laptop, tuned the FM
radio to some frequency where there is no radio station (thus statics
playing), and voilà, I can clearly hear correlation between noise and
activity. Even when I'm placing my earbuds/phone a foot away from the laptop I
can still clearly hear when I'm opening some new window. The sounds are not as
'colorful' as they were on an AM radio when listening to calculators, but I'd
wager a guess that it's better than an acoustic attack.

So much for thinking that making acoustic noise like playing music would dwarf
the attack vector "mobile phone".

PS: what might prevent this attack is that on some (most?) phones the output
of the FM radio can't be captured directly. It could be played through the
speaker and recorded through the mic, though. The attack as carried out by
Genkin/Shamir/Tromer is sending tons of encrypted emails and would probably
arouse suspicion anyway if the computer was attended, thus this indirection
may not pose a problem.

~~~
Sami_Lehtinen
Totally true and old common knowledge, check this out:
[https://en.wikipedia.org/wiki/Tempest_%28codename%29](https://en.wikipedia.org/wiki/Tempest_%28codename%29)
When chips and devices were slower and used more energy, it was just easier to
observe those differences. I also have had many mobile phones which leaked
information as audio, I think most of that leak was from RF tramsitter unit
power consumption and speaker amplifier power not being properly filtered. But
it's just perfect example of acoustic information leak.

------
drakaal
Once again Shamir puts out a bombastic paper where they tested against one
device in a controlled environment and doesn't release a software or a proof
that it works.

If this were real there would be a "submit your recording" or an opensource
library for others to try.

The physics of this don't work.

If they did work the experiment should be documented in a way that there could
be peer review. If you can't repeat it, it isn't valid.

I lost lots of Karma the last time I mentioned this, but I kind of don't care.
These kinds of fake "hacks" are only designed to create fear, and keep people
from working on real security issues while creating a reputation based on
falsehoods for the author.

------
mrinterweb
Looks like a security patch to GnuPG 1.x has already been released that
addresses this and GnuPG 2.x is not vulnerable to this hack according to this
article. [http://lists.gnupg.org/pipermail/gnupg-
announce/2013q4/00033...](http://lists.gnupg.org/pipermail/gnupg-
announce/2013q4/000337.html)

------
anovikov
How long does the full encryption of a say, typical email (kilobyte of plain
text or so) takes? It shouldn't be that much long, in the range of a few
milliseconds, or a few dozen samples of a microphone (44,100hz max).

What i can't understand is how you can compress a whole RSA decryption key,
which is say 4096 bits, into space SMALLER than itself (source data from
microphone with 16 bits per sample, mono, at 44,100 hz, will take 6ms to
accumulate 4096 bits - for sure encryption of a short email will take less!).
So it sounds like a hoax.

Obviously the key can't be 'comperssed' because it's ramdom data with a high
quality of randomness. And you cannot pull it out of SMALLER amount of data
recorded by the microphone in the time it takes to make an encryption. That
is, if anything happening within the processor can make acoustic noise loud
enough for microphone to detect, which i really doubt.

I believe this even less than air-powered cars, or cold fusion.

~~~
ColinWright
Wonderful analysis of something completely different from the actual article.
You make several good and useful points, it's just a shame that they're
irrelevant.

    
    
      > I believe this even less than air-powered cars ...
    

Air-powered vehicles are quite common.

[http://www.fastcoexist.com/1681429/this-air-powered-car-
gets...](http://www.fastcoexist.com/1681429/this-air-powered-car-
gets-81-miles-per-gallon)

[http://auto.howstuffworks.com/fuel-
efficiency/vehicles/air-c...](http://auto.howstuffworks.com/fuel-
efficiency/vehicles/air-car.htm)

[http://www.dailymail.co.uk/news/article-2266632/Car-runs-
air...](http://www.dailymail.co.uk/news/article-2266632/Car-runs-air-coming-
soon-Peugeot-Citroen-unveil-new-117mpg-hybrid.html)

[http://en.wikipedia.org/wiki/Compressed_air_car](http://en.wikipedia.org/wiki/Compressed_air_car)

[http://www.popularmechanics.com/cars/news/preview-
concept/42...](http://www.popularmechanics.com/cars/news/preview-
concept/4217016)

------
myle
This could have been prevented. Oblivious Turing Machines:
[http://stackoverflow.com/questions/14847080/how-does-an-
obli...](http://stackoverflow.com/questions/14847080/how-does-an-oblivious-
turing-machine-work)

------
venomsnake
One has to wonder do proper sound proof case like Fractal Design that are
lined with foam inside can thwart the attack.

------
rubyrescue
I just don't believe this is reproducible... seems fake.

~~~
yelnatz
One of the authors of this paper is Adi Shamir.

One of the guys who wrote the RSA algorithm in 1977.

RSA -> Ron Rivest, Adi Shamir and Leonard Adleman

This is legit.

~~~
jodrellblank
"This will be reproducible because the author is famous".

(Appeal to authority fallacy?)

~~~
myko
Appealing to authority is only a fallacy if the authority isn't actually an
authority / is considered infallible. This doesn't seem to be the case here.

~~~
jodrellblank
It is?

I thought the fallacy was using an unrelated property as evidence to support
the truth of a factual statement (the author's previous work, shoe size,
favourite music, etc).

