I read that a group of cryptology experts extracted a 4,096-bit RSA key from a laptop using a sound-based attack...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
technique. Can you explain how a sound-based attack works, whether it is an enterprise threat, and what we can do to mitigate the risks?
It should be no surprise that even an enterprise inside a Faraday cage, buried in a vault with 10-foot concrete walls can be successfully attacked. While it seems far-fetched, enterprises with high security requirements may want to plan for attacks that use sound-based attack techniques. These organizations might also want to add another 10 feet of concrete and destroy any microphones, telephones or other devices with audio features to stop sound attacks. They may also want to generate their own power to prevent analysis of their power consumption.
Yes, I'm being facetious, but the truth is, this is among the latest high-concept attach techniques that certain organizations with government-level security requirements should at least be aware of. For all other enterprises, this proof-of-concept exploit is not something you need to address.
I'm not diminishing the research performed by Adi Shamir, one of the inventors of the RSA algorithm, or Daniel Genkin and Eran Tromer of Tel Aviv University. They were able to identify a weakness in an encrypted GnuPG email plug-in, Enigmail, where it was configured to decrypted email by default. They found that when a certain mathematical operation was performed, the computer would emit a detectable, high-pitched noise. The trio could then monitor for this noise using a cell phone or a high-quality microphone at up to roughly 13 feet away. This allowed them to extract a 4,096-bit RSA decryption key from a targeted laptop.
GnuPG has since patched the vulnerability, so enterprises should install the new version of the software. This particular attack technique also requires automated decryption to be enabled -- which is known to be higher risk -- so disabling automated decryption could also reduce the threat.
Ask the Expert!
Have a question about enterprise threats? Send it via email today! (All questions are anonymous.)
Dig Deeper on Emerging Information Security Threats
Related Q&A from Nick Lewis
Locky ransomware has, again, changed tactics by moving to using LNK files for distribution. Expert Nick Lewis explains how enterprises can adjust ...continue reading
Hajime malware was discovered to have links to the Mirai botnet that launched powerful DDoS attacks last year. Expert Nick Lewis explains how Hajime ...continue reading
Drammer, or a deterministic Rowhammer attack, was found to be more effective on ARM-based mobile devices. Expert Nick Lewis explains the issue with ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.