RSA Key Extraction via Low-Bandwidth Acoustic CryptanalysisThe attack has to be near the physical space of the decrypting-device to work, but apparently just about any device with a microphone is good enough.
The attack can extract full 4096-bit RSA decryption keys from laptop computers (of various models), within an hour, using the sound generated by the computer during the decryption of some chosen ciphertexts. We experimentally demonstrate that such attacks can be carried out, using either a plain mobile phone placed next to the computer, or a more sensitive microphone placed 4 meters away.
...
- In almost all machines, it is possible to distinguish an idle CPU (x86 "HLT") from a busy CPU.
- On many machines, it is moreover possible to distinguish different patterns of CPU operations and different programs.
- Focusing on GnuPG as a study case, on some machines we can:
distinguish between the acoustic signature of different RSA secret keys (signing or decryption), and
fully extract decryption keys, by measuring the sound the machine makes during decryption of chosen ciphertexts.
The rule of extreme paranoia still seems to apply here: Don't let anyone you don't completely trust anywhere near your machine, and this attack won't work.
