Researchers at EURECOM S3 Group found that they can extract crypto keys from a set of run-of-the-mill communications chips just by listening to the noise it makes.
This noise is sent out over radio signal via the transmitter on the device in question, which could be a Wi-Fi or Bluetooth device. As long as the chipset on a device shares the same physical space (the silicon die) as the device’s radio transmitter, the researchers found that the chip will leak what it’s doing to the radio transmitter – and that transmitter will both amplify and send that information over some distance.
In at least one proof-of-concept, the researchers were able to extract a full TinyAES 128 key from a 10-meter distance from a leaky Bluetooth dongle. In their tests, they also found that the maker of the chipset didn’t matter, as they were able to extract data from both a Qualcomm and a Nordic Semiconductor chip.
This is referred to as a side-channel attack, meaning the exploitable flaw is in the infrastructure and hardware that supports the computer system, and not a bug in the system or code itself. Since the data in this attack could be potentially picked up from a shout’s distance away, the researchers are calling this attack a “screaming channel” instead.
As the researchers note, this kind of issue could potentially have a huge impact as it’s not limited to one type of chip or device. Since real estate on a circuit board inside a device is at a premium, device makers have a cost-saving incentive to jam as much as they can into as small a space as possible.
In recent years, device makers have mixed digital (e.g. CPU) and analog (e.g. radio) components onto the same space, called a mixed-signal circuit. These mixed-signal circuits are the issue, the researchers say – and as long as a ‘noisy’ chip sits near a leaky radio transmitter on a device, an attacker with a relatively simple bit of kit could pick up what’s being transmitted.
Some side-channel attacks require the target machine to be already infected with malware to work – as in this example where a hacker could exfiltrate data from an infected machine just by manipulating an LED. The number of variables that have to fall in place for that attack to work certainly relegate it to the “technically cool, but extremely unlikely” category of attacks. But that doesn’t apply to all side-channel attacks – this ‘screaming channel’ flaw doesn’t require any direct intervention by an attacker.
If you are so inclined, the researchers shared their experiment’s code and setup on GitHub, so you can try to listen in on what a device’s chipset is broadcasting. The researchers will also be sharing their findings at the Black Hat conference in Las Vegas next week. In the meantime, they have called upon microelectronics manufacturers to implement better protections against this kind of attack.