AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

Cryptographic attack revealed: cameras become hacking tools

The secret keys of smart cards and smartphones could be compromised thanks to an innovative attack that uses video cameras and power LEDs

This pill is also available in Italian language

Researchers have developed an innovative attack that allows the recovery of secret encryption keys contained in smart cards and smartphones. This is accomplished by using iPhone cameras or commercial surveillance systems to record power LEDs, which indicate when the smart card reader or smartphone is turned on.

The evolution of the attack through the lateral channels

These bindings offer a new method of exploiting two previously revealed side channels. A side-channel attack exploits physical losses that occur during a cryptographic operation, such as power consumption, sound, electromagnetic emissions, or the time it takes to complete an operation. By closely monitoring these characteristics, attackers can gather enough information to recover the secret keys that make up the security and confidentiality of a cryptographic algorithm.

New research on the exploitation of lateral canals

On Tuesday, academic researchers presented new research demonstrating bindings that offer a new way to exploit these side channels. The first attack uses an Internet-connected surveillance camera to capture high-speed video of the power LED of a smart card reader or peripheral device during cryptographic operations. While there are limitations that make these attacks unfeasible in many real-world scenarios, the published research is groundbreaking as it provides an entirely new method to facilitate side-channel attacks.

The ease of implementing video-based attacks

Video-based attacks unveiled Tuesday reduce or eliminate those requirements entirely. All that is needed to steal the private key stored on the smart card is an Internet-connected surveillance camera that can be up to 62 feet away from the target reader. Attacking the side channels on the Samsung Galaxy can be done from an iPhone 13 camera already in the same room. This new method removes the biggest obstacle that prevented previously existing methods from exploiting side channels: the need to have instruments such as an oscilloscope, electrical probes or other objects touch or be in close proximity to the attached device.

Video

Follow us on Telegram for more pills like this

06/14/2023 13:11

Editorial AI

Last pills

Serious vulnerability discovered in Rabbit R1: all user data at riskVulnerability in Rabbit R1 exposes sensitive API keys. What are the privacy risks?

Cyber attack in Indonesia: the new Brain Cipher ransomware brings services to their kneesNew ransomware hits Indonesia: learn how Brain Cipher crippled essential services and the techniques used by hackers

Patelco Credit Union: security incident halts customer services in CaliforniaService disruption and customer frustration: Patelco Credit Union works to resolve security incident

Cyber attack on TeamViewer: immediate response and investigations underwayStrengthened security measures and international collaborations to counter the cyber threat