Link to the paper: https://eprint.iacr.org/2023/923
The part about hacking Galaxy S8 keys by looking at a speaker connected to same usb… I think it’s very far fetched.
S8 has a battery that is constantly charged by usb cable. When you unlock the phone, power draw doesn’t change except maybe for a brief second when key is entered.
I’ve read the paper, it’s really very cool. However there is nothing to worry about in real life. They captured thousands of uses of a smartcard and then used statistical analysis to gleen data used to attack a protocol with known vulnerabilities. In another setup they had a phone right up against the power led, using the roller shutter effect to collect a single point of data at really high speed. The whole thing also depends on a shitty power supply with a led in the main path. Most power supplies these days don’t have such a led and if they do it’s not always the case they leak data like this.
The circumstances that allow this to work aren’t likely to occur in real life. Even if everything is just right, it still requires a way to collect thousands of samples to do the statistical analysis. And then also requires a scheme with known specific vulnerabilities to work.
Very cool research, but don’t worry about taping off al your power leds for security reasons.
There was a story like this in Zalewsky’s book Silence on the Wire. Not as technically sophisticated, of course. Great read if you’re into side channel attacks.
Reminds me of a story from nearly a decade ago where researchers were able to decrypt an RSA key by recording a CPU with a phone.
I think I recall reading about this one too. There are all kinds of ways processors and devices leak information. If you have the time and access you can correlate a lot of things to specific hardware and software operations.
I remember hearing something about a typewriter bug that is tuned to determine the key pressed by the particular acoustic signature of each key press. These kinds of outside-the-box solutions really interest me.
EMI and crosstalk is another area where information can leak and there are already snooping devices that work using that.
The concept of this is cool, but it feels strictly academic. When I read about this from another article it said the smart card had to be filmed for 60+ minutes of key exchange time. A normal key exchange is a fraction of a second. The ideal circumstances needed for this just don’t exist in the real world…
