RSA Susceptible to Audio Based Crack

First we had BadBIOS, now this — it hasn’t been the greatest week for the RSA team.

Developed by Adi Shamir (who holds the prestigious honor of the “S” in “RSA”) in conjunction with researchers Eran Tromer and Daniel Genkin, this advanced method of moving into a user’s email is nearly 10 years in the making, and has finally come to fruition in just the last month.

By deciphering the acoustic output a computer makes while decrypting keys on its home system, the team was able to not only crack one of the most secure encryption algorithims currently on the market, it only took about an hour of listening to do it.

This is a far cry from the 10,000 hour figure originally presented to security researchers when the standard was introduced back in 2004.

By hacking the microphone on any smartphone, iPhone, Android, or otherwise, Shamir was able to prove that although the code still holds up under brute force attempts undertaken from foreign networks, any physical devices equipped with a microphone in proximity of a targeted machines would be capable of decoding and relaying the cracks back to a server of the attacker’s choosing.

Titled RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis, the paper details several different processes employed by the researchers as they attempted to decipher the 4096-bit encryption keys supplied by various desktop and laptop models of varying age.

Of course, this entire operation relies on a litany of physical and digital factors which can be far more difficult to line up in the real world than it is in a lab setting. So while the average user should be concerned about the vulnerability, it’s assumed the majority of those targeted by the hack are of nation-state level intelligence and not much more below that.

Just in case, you can negate the process entirely by utilizing Version 2 of the GNUPG standard. On Sophos’ network security blog, Paul Ducklin reassured users their data remained safe as long as they upgraded to the new encryption scheme:

“The Version 2 branch of GnuPG has already been made resilient against forced-decryption attacks by what is known as RSA blinding.”

Because this particular method of decryption relies on open email, you can negate any attempts on your personal information by using private email systems, and always connecting to any questionable services through a virtual private network.

Check out our helpful tutorial to learn how to protect your computer from acoustic attackers and more!