Mha'!
http://www.cs.tau.ac.il/~tromer/handsoff/
We demonstrated physical side-channel attacks on a popular software
implementation of RSA and ElGamal, running on laptop computers. Our
attacks use novel side channels and are based on the observation that
the "ground" electric potential in many computers fluctuates in a
computation-dependent way. An attacker can measure this signal by
touching exposed metal on the computer's chassis with a plain wire, or
even with a bare hand. The signal can also be measured at the remote end
of Ethernet, VGA or USB cables.
Through suitable cryptanalysis and signal processing, we have extracted
4096-bit RSA keys and 3072-bit ElGamal keys from laptops, via each of
these channels, as well as via power analysis and electromagnetic
probing. Despite the GHz-scale clock rate of the laptops and numerous
noise sources, the full attacks require a few seconds of measurements
using Medium Frequency signals (around 2 MHz), or one hour using Low
Frequency signals (up to 40 kHz).
We have extracted keys from laptops of various models, running GnuPG
(popular open source encryption software, implementing the OpenPGP
standard). The attacks exploit several side channels, enumerated below:
...
--
Jeno
