Most of us probably don’t give much thought to the digital encryption systems that keep our personal information, well, personal. If you do, you probably know more about it than I do. That said, the news that encryption keys can be stolen from smartphones by would-be nefarious hackers using only a nearby AM radio sets off all sorts of alarm bells in my head. Fortunately, no one has fallen victim to this technique, and the exploit’s discoverers at Cryptography Research hope to keep it that way.
The technique uses a low-tech means to snatch high-tech information. Using a standard AM radio within 10 feet of a smartphone, a hacker could conceivably pick up the electromagnetic waves emitted by the phone when the cryptographic libraries within it are accessed. Once captured, the signal can be analyzed and the private key of the user revealed. With that in hand, encrypted information could be intercepted and read.
NetworkWorld quotes Cryptography Research’s Paul Kocher as saying, “we’re stealing the key as it’s being used.” That’s some chilling phrasing right there, Paul.
Fortunately, Kocher and his firm are already working with smartphone makers to rectify the problem — which they maintain can be done. Kocher is obviously quite confident that a solution will be adopted across the industry, since he’ll be showing off the technique at the RSA Conference in San Francisco next month. Perhaps that’s one less thing to worry about, then.
(NetworkWorld via SlashDot, image via Bryan Costin)
- Aerial drone can hack you from the air
- iPhone accelerometer can “read” a nearby keyboard through a table
Published: Jan 28, 2012 02:08 pm