Air-gapped computers that are believed to be the most secure computers on the planet have become a regular target for researchers in recent years.
Air-gap computers are one that are isolated from the Internet or any other computers that are connected to the Internet or external network, so hackers can’t remotely access their contents.
But you need to think again before calling them ‘Safe.’
A team of security researchers from Tel Aviv University and Technion have discovered a new method to steal sensitive data from a target air-gapped computer located in another room.
The team is the same group of researchers who had experimented a number of different methods to extract data from a computer. Last year, the team demonstrated how to extract secret decryption keys from computers using just a radio receiver and a piece of pita bread.
In 2014, the team devised a special digitizer wristband that had the ability to extract the cryptographic key used to secure data stored on a machine just by solely touching the chassis of the computer.
Extracting Secret Decryption Key in Seconds
Now taking its experiment a step further, the team of researchers, including Daniel Genkin, Lev Pachmanov, Itamar Pipman, and Eran Tromer, recently discovered a similar way to extract secret decryption key within seconds, but this time, from an air-gapped machine.
Although hacking air-gapped machines to steal cryptographic keys has been carried out in past, this is the first time when such attack have successfully targeted computer running Elliptic Curve Cryptography (ECC).
Elliptic Curve Cryptography is a robust key exchange algorithm that is most widely used in everything from securing websites to messages with Transport Layer Security (TLS).
How Does the Method Work?
Researchers used a method known as Side-Channel Attack: An attack that extracts the secret cryptographic key from a system by analyzing the pattern of memory utilization or the electromagnetic outputs of the PC that are emitted during the decryption process.
"By measuring the target’s electromagnetic emanations, the attack extracts the secret decryption key within seconds, from a target located in an adjacent room across a wall," reads the recently published paper [PDF].
Specifically, the team obtained the private key from a laptop running the popular implementation of OpenPGP, GnuPG. However, the developers of GnuPG have since rolled out countermeasures to this method, making GnuPG more resistant to side-channel attack.
The equipment used in the experiment hack included:
A software-defined radio
During the experiment hack, the researchers first sent the target laptop a specific ciphertext (an encrypted message).
Now, during the decryption of the chosen ciphertext, the researchers measured the EM leakage of the laptop, "focusing on a narrow frequency band."
The signal was then processed, and a clear trace was produced, revealing the information about the operands used in the ECC, which in turn revealed the secret key.
This experiment was being carried out through a 15-centimeter thick wall, reinforced with metal studs, according to the researchers.
"The experiment…was conducted using a Lenovo 3000 N200 laptops, which exhibit a particularly clear signal," the paper reads. "The attacks are completely non-intrusive: we didn’t modify the targets or open their chassis."
The security researchers successfully extracted the secret key after observing around 66 decryption processes, each lasting about 0.05 seconds, resulting in a total measurement time* of about 3.3 secs.
Future challenges for researchers include the challenges of non-chosen ciphertext attacks and attacking other cryptographic primitives (such as symmetric encryption). Moreover, minimizing the number of decryption operations in order to extract the secret key.
The team will present its work at the upcoming RSA Conference on March 3. To know in-depth explanation with technical details about the attack, we recommend you read the research paper [PDF].
*Note: When the team says the secret key was obtained in ‘seconds’, it is the total measurement time, and not how long the time would take for the attack to actually be carried out.