Cryptography for Mere Mortals #16
An occasional feature, Cryptography for Mere Mortals attempts to provide clear, accessible answers to questions about cryptography for those who are not cryptographers or mathematicians:
Q: Another crypto headline failure: “AES-256 keys sniffed in seconds using €200 of kit a few inches away“! Now is it time to panic? To quote the original Ghostbusters, is this “…a disaster of biblical proportions… Dogs and cats living together! Mass hysteria!”?
A: No (you knew that was coming). Well, maybe not the “mass hysteria” part.
Besides this article being from The Register—well above the standards of Weekly World News, but hardly a serious technical publication—there’s no real news here. Yes, these researchers found that, using relatively low-tech hardware, they could divine the encryption key being used by a specific system, which they were able to exactly copy in advance, and under laboratory conditions. To its credit, the article does note this in the final paragraph—a bit late to calm folks down, of course.
This is like saying that all padlocks are useless because someone figured out how to calculate the combination based on the serial number for a specific model from a specific manufacturer: it overstates the scope of the problem. (Actually, this theoretical padlock issue would be far worse, since it would not require laboratory conditions.)
Indeed, this basic approach is well known: it’s called Van Eck phreaking, and was first demonstrated over 30 years ago. A logical 1 uses power and a logical 0 does not, which means that careful physical measurements of the system can distinguish between them. But it’s not difficult to counter such attacks, and most HSMs and secure smartcards do so, including our HPE Atalla Hardware Security Module (HSM).
The “new” part of this attack is how cheap it’s gotten: the specialized hardware required used to cost thousands of dollars. That’s mildly interesting, if unsurprising: the processing power and memory of your smartphone surpass the aggregate computing resources on the planet a few decades ago!
Again, this is not a cryptanalytic attack against AES (Advanced Encryption Standard): it is an attack against a specific hardware platform running a specific AES implementation, under very specific conditions. So AES is just as secure as it was a couple of days ago, and we can all go back to playing Angry Birds.