[linux-elitists] [paper] RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis

Andy Smith andy at strugglers.net
Fri Dec 20 03:09:39 PST 2013


On Thu, Dec 19, 2013 at 11:44:38PM -0800, Timothy Tuck wrote:
> On 19.12.2013 14:58, Bill Bogstad wrote:
> >all it means is that one shouldn't let anyone be within acoustic
> >range of their computer when it is decrypting the message.  That
> >isn't much harder to accomplish than not letting anyone read my
> >email over my shoulder.
> 
> Wow, is that some special kind of crack that your on?
> Not much harder to accomplish than not letting anyone read over your
> shoulder eh?

But if we take the paper at its word it requires a known plaintext
being decrypted for one hour.

Not an hour spent listening to a laptop decrypting lots of
different, unknown plaintexts.

I recall another technique presented recently that involved using
the accelerometer of a smartphone to work out, through sensed
vibrations, which keys were being struck on a nearby keyboard. That
sounds a lot more feasible at present, since there are a fairly
limited number of keys on a keyboard and a desktop user may always
have it in one place.

http://gcn.com/articles/2011/10/18/smart-phone-sensors-steal-keystrokes.aspx

Cheers,
Andy
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://zgp.org/pipermail/linux-elitists/attachments/20131220/4ce200c7/attachment.sig>


More information about the linux-elitists mailing list