Private Keys Vulnerable to New Android & iOS Attack
Researchers from Tel Aviv University’s Laboratory for Experimental Information Security (LEISec) and The University of Adelaide have created an attack vector against Android and iOS devices. The invasion uses a $2 USD magnetic device to crack private keys held on these operating systems allowing the possible theft of users’ bitcoins and private data. Also read: Bitcoin’s ‘Apple Pay’ App […]
Researchers from Tel Aviv University’s Laboratory for Experimental Information Security (LEISec) and The University of Adelaide have created an attack vector against Android and iOS devices. The invasion uses a $2 USD magnetic device to crack private keys held on these operating systems allowing the possible theft of users’ bitcoins and private data.
Researchers Extract Private Keys from ECDSA Encryption
The report states:
An attacker can non-invasively measure these physical effects using a $2 magnetic probe held in proximity to the device, or an improvised USB adapter connected to the phone’s USB cable, and a USB sound card. Using such measurements, we were able to fully extract secret signing keys from OpenSSL and CoreBitcoin running on iOS devices. We also showed partial key leakage from OpenSSL running on Android and from iOS’s CommonCrypto.
The testing included many different devices with an array of firmware and found vulnerable points in the software. People who don’t update these operating systems running older versions were considered to be more susceptible to attacks. The exposed encryption is used on most of the devices isolating private keys stored in the depths of its hardware.
“ECDSA is a very popular signature scheme that is especially pertinent and critical in mobile devices due to its use in mobile payment apps such as Bitcoin wallets and Apple Pay,” the report notes. “Attacking ECDSA raises new challenges.”
Currently, the attacker must gain possession of the device and spend some time trying to attack it. Lengths of time vary between each device, and “real-world implementations” could be quite difficult. Some of the testing with phones holding Bitcoin software revealed partial keys, though iPhones “demonstrated full key extraction.”
This type of attack can be done with very little money using items that are easily available. The “cheap” items needed to build the hacking tool include:
- EM Probe for the electromagnetic channel, ($1 on eBay);
- Power Probe to monitor the phone’s current draw;
- USB battery Pack through the pass-through adapter, to measure voltage;
- Optional Digitizer acts as both as an amplifier (60dB gain) and as a digitizer (192 Ksample/sec).
The paper recognizes that this attack scenario is not the easiest task to accomplish. However, if given a possible amount of time, the knowledge, and the correct tools a vast majority of devices can be cracked. If a device were put into the wrong hands for a period, private keys could be taken from the gadget without the owner noticing.
Hacking with Sound
In another experiment, the same team hacked a laptop and was able to fetch the keys in a matter of minutes. This side channel attack was even able to access these portable computers and its isolated encryption from a separate room. Rather than magnetic strips, the laptop attack uses sound frequency methods that find a way to communicate with the host machine. The paper explains its side channel attack against PC-class computers stating:
While traditional side channel research has mainly focused on small embedded devices such as smartcards, RFID tags, FPGAs and microcontrollers, recent works also study of vulnerability of complex PC-class computers (laptop, desktop and server) to physical key-extraction attacks.
The paper from Tel Aviv University caused some alarm within the Bitcoin community on the /r/bitcoin forums. On a Reddit thread, users asked if certain wallets like Mycelium and Breadwallet were susceptible to this type of attack. Breadwallet’s founder Aaron Voisine answered the commenters on his company’s behalf. “No, we have several layers of defense,” he wrote explaining that Breadwallet uses libsecp256k1 instead of the CoreBitcoin software. Indeed, the report notes that most Bitcoin services that have upgraded to libsecp256k1 were not vulnerable to this attack.
Coincidentally, the report comes out at a time when Whitfield Diffie and Martin Hellman have been given the Turing Award for their work with public key encryption. The algorithm they created back then was just the beginning of the battle between ciphering and deciphering encrypted code. Governments and malicious hackers are trying to find ways to gain access to citizens’ privately stored information. This current attack may not be too worrisome for users at the moment due to the attacker needing physical access to the owner’s device. However, this technology may also develop so that it can be used from a few blocks away and possibly another city in the future.
What do you think about the researcher’s ability to crack ECDSA encryption? Let us know in the comments below!
Images courtesy of the University of Tel Aviv, Pixbay