Optical Cryptanalysis: Recovering Cryptographic Keys from Power LED Light Fluctuations

Research article. DOI: 10.1145/3576915.3616620

Published: 21 November 2023

Abstract

Although power LEDs have been integrated in various devices that perform cryptographic operations for decades, the cryptanalysis risk they pose has not yet been investigated. In this paper, we present optical cryptanalysis, a new form of cryptanalytic side-channel attack, in which secret keys are extracted by using a photodiode to measure the light emitted by a device's power LED and analyzing subtle fluctuations in the light intensity during cryptographic operations. We analyze the optical leakage of power LEDs of various consumer devices and the factors that affect the optical SNR. We then demonstrate end-to-end optical cryptanalytic attacks against a range of consumer devices (smartphone, smartcard, and Raspberry Pi, along with their USB peripherals) and recover secret keys (RSA, ECDSA, SIKE) from prior and recent versions of popular cryptographic libraries (GnuPG, Libgcrypt, PQCrypto-SIDH) from a maximum distance of 25 meters.

Cited By

  • (2024) Bit Sufi-Dance: Covert Data Exfiltration from Air-Gapped Networks via Electricity Meter. Electronics 13:21 (4198). DOI: 10.3390/electronics13214198. Online publication date: 25-Oct-2024
  • (2024) Video-Based Cryptanalysis: Extracting Cryptographic Keys from Video Footage of a Device’s Power LED Captured by Standard Video Cameras. 2024 IEEE Symposium on Security and Privacy (SP), 2422-2440. DOI: 10.1109/SP54263.2024.00163. Online publication date: 19-May-2024

Published In

CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security
November 2023
3722 pages
ISBN: 9798400700507
DOI: 10.1145/3576915

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee.

Publisher

Association for Computing Machinery
New York, NY, United States

Author Tags

1. cryptanalysis
2. ecdsa
3. rsa
4. side-channel attack
5. sike

Conference

CCS '23

Acceptance Rates

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%
