Researchers have devised an attack on Android and iOS devices that successfully steals cryptographic keys used to protect Bitcoin wallets, Apple Pay accounts, and other high-value assets.
The exploit is what cryptographers call a non-invasive side-channel attack. It works against the Elliptic Curve Digital Signature Algorithm, a crypto system that's widely used because it's faster than many other crypto systems. By placing a probe near a mobile device while it performs cryptographic operations, an attacker can measure enough electromagnetic emanations to fully extract the secret key that authenticates the end user's data or financial transactions. The same can be done using an adapter connected to the USB charging cable.
"An attacker can non-invasively measure these physical effects using a $2 magnetic probe held in proximity to the device, or an improvised USB adapter connected to the phone's USB cable, and a USB sound card," the researchers wrote in a blog post published Wednesday. "Using such measurements, we were able to fully extract secret signing keys from OpenSSL and CoreBitcoin running on iOS devices. We also showed partial key leakage from OpenSSL running on Android and from iOS's CommonCrypto."
While the researchers stopped short of fully extracting the key on a Sony-Ericsson Xperia x10 Phone running Android, they said they believe such an attack is feasible. They also cited recently published research by a separate team that found a similar side-channel vulnerability in Android's version of the BouncyCastle crypto library.
Older versions of iOS—specifically, 7.1.2 through 8.3—appear to be vulnerable. The current 9.x version does not appear to be vulnerable because it added defenses against side-channel attacks. However, users of even current versions of iOS are still at risk when using vulnerable apps. One such vulnerable iOS app is CoreBitcoin, which is used to protect Bitcoin wallets on iPhones and iPads. Because it uses its own cryptographic implementation rather than the iOS CommonCrypto library, it is vulnerable to the key-extraction attack. CoreBitcoin developers told the researchers they plan to replace their current crypto library with one that's not susceptible to the attack. The latest version of Bitcoin Core, meanwhile, is not vulnerable.
Both the 1.0.x and 1.1.x versions of the OpenSSL code library are also susceptible except when compiled for x86-64 processors with a non-default option selected or when running a special option available for ARM CPUs. The researchers said they reported the vulnerability to OpenSSL maintainers, and the maintainers said that hardware side-channel attacks aren't a part of their threat model. The full research paper is here.
At the moment, the attack would require a hacker to have physical possession of—or at least have a cable or probe in close physical proximity to—a vulnerable mobile device while it performed enough operations to measure "a few thousand ECDSA signatures." The length of time required would depend on the specific application being targeted. The requirements might make the hack impractical in some settings, as long as device owners take care to closely inspect USB cables before plugging them in and look for probes near their phones.
Still, averting attacks may sometimes prove difficult, since cables or probes could be disguised to conceal what they're doing. And as the images in this post demonstrate, probes could be hidden on the underside of a table. It's also possible that over time, researchers could devise ways to measure the leaks from further distances. For that reason, while the vulnerabilities probably don't pose an immediate threat to end users, they should nonetheless be a top concern for developers. The researchers have been working with the vendors of the specific software they analyzed to help them evaluate and mitigate the risk to their users.
Promoted Comments
Ok. The obvious question is, will it work on the phone the FBI has?
Nope, as this only works when the system is decrypting the data anyways.
In order to use this you have to encrypt or decrypt what you are looking for.
This might work at a restaurant where you replace placement with one with sensors though.
Ok. The obvious question is, will it work on the phone the FBI has?
This is an attack on devices that are actively using one of their secret keys. Not the PIN access problem that the FBI has. I'm guessing the PIN you use to log in to a phone is hashed and then checked against a stored value.
It is impractical for certain situations; but unless the presentation is nothing but outright lies it looks pretty damn possible to me. Actually more possible than I would have expected (in particular, the fact that a USB sound card, with frequency capabilities aimed at audio recording, is good enough for grabbing RF from a CPU running in the hundreds of megahertz, rather than needing some 5-6 figure widget from Agilent).
Is it high on the list of day-to-day risks? Not really, anything connected to the internet should probably worry about that instead; but how much more possible do you want from an attack? Demonstrated on several models, against multiple flavors of crypto software, doable with cheap and common hardware, no exotic lab gear required.