[Cryptography] Side channels strike again

[Jerry Leichter]

By using the rolling shutter on an iPhone or video camera, the authors show they can increase the the effective sampling rate of a zoomed-in photo of a power LED to 60K/second.  This is sufficient to see the power variations due to cryptographic operations.  They manage to read the keys out of a smart card reader from 60 feet away using the LED on the reader, and from a Samsung phone by monitoring the LED on a set of connected speakers connected to a USB hub that was also being used to charge the phone.

Video and link to paper at https://www.nassiben.com/video-based-crypta

Many years ago, there was a paper showing that you could read the data flowing through a router from across the street by watching LED's configured to blink in synchrony with the line.  People quickly learned to turn the LED's away from the window, and newer routers had fixes, in particular, not driving the LED directly from the line but from a low-rate sample, which gives the human eye the same ability to see activity without revealing (much) information.  This one's going to be harder - if you can read data off the hub, billions of devices that are unlikely to be replaced quickly are vulnerable.

                                                        -- Jerry