Israeli scientists from the University of David Ben-Gurion have developed a new way to attack third-party channels by remotely obtaining the values of encryption keys ECDSA and Sike. This was achieved by analyzing the video recording of the LED indicator of the Rider Smart Cart or smartphone performing operations with the key.
The method involves fluctuations in energy consumption which affect the brightness of LED power indicators. An alteration of brightness, related to the calculations made, can be captured on digital video surveillance cameras or smartphones. Data processing from the camera can then restore the information used in the calculations.
To bypass the inaccuracy of the recording of only 60 or 120 frames per second, the chamber used the temporary parallax (Rolling Shutter), showing different parts of a rapidly changing object at different points of time. This allows up to 60,000 brightness measurements per second to be analyzed, depending on the change in energy consumption of the processor.
The attack is effective only when using vulnerable implementations of ECDSA and Sike in Libgcrypt and Pqcrypto-Sidh libraries. For example, the vulnerable libraries subject to attack are used in the Samsung Galaxy S8 smartphone and six smart cards bought on Amazon from five different manufacturers.
Scientific experiments conducted showed that in one, it was possible to obtain a 256-bit ECDSA key from a smart card by analyzing a video of the LED reader for a smart card, shot to a video surveillance camera connected to the Internet and located 16 meters from the device. The attack took about an hour and required the creation of 10,000 digital signatures.
This new mode of cryptanalysis is a breakthrough in modern technology because it brings cyber threats to an unprecedented level. It is important to note that the vulnerability of these libraries has been exposed, making it essential for providers to update their systems with the latest patches to prevent the exploitation of this attack method.