Side-Channel Attacks: How Hackers Bypass Encryption and Steal Data

By Owen PatelCryptography Tutorial

Workarounds: How Side-Channel Attacks Enable Data Theft and Encryption Bypass

All hacking techniques targeting cryptographic systems fall into two main categories: those exploiting flaws in the encryption algorithms themselves, and those targeting their physical implementations. In this article, we’ll focus on the latter, known as SCA (side-channel attacks).

WARNING: This article is for research and informational purposes only. Neither the author nor the editors are responsible for any potential harm resulting from its use.

What Are Side-Channel Attacks (SCA)?

Unlike abstract mathematical models, any physical implementation of a cryptosystem cannot be completely isolated. It always consists of mass-produced components with their own operational quirks. For example, a crypto module may consume different amounts of power during various bit operations, emit characteristic radio frequency interference, experience input-dependent delays, or heat up more in some cases than others. All of these are indirect data points that can reveal secret information without direct access.

In practice, SCAs are widely used—from eavesdropping on passwords to reading protected memory areas, even remotely. The essence of SCA is to intercept side signals generated during the processing of isolated or encrypted data, then use those signals to reconstruct secret information (passwords, hashes, encryption keys, message text) without directly accessing the protected data.

Acoustic Eavesdropping

A simple example: you want to learn your colleague’s password but can’t watch them type it. By listening, you can determine its length and the use of the spacebar, which sounds unique. Without any special equipment or software, you’ve already learned a lot just by paying attention.

If you record several login sessions and apply statistical analysis, you could reconstruct most or all of the password. Uncertain characters can be quickly brute-forced based on the known pattern.

A similar, though more complex, method was used by the British GCHQ in the 1960s. They installed microphones in the Egyptian embassy and recorded the sounds of a mechanical cipher machine. By analyzing these, they determined the initial positions of two cipher disks and then cracked the encryption by brute force.

Today, acoustic SCAs are rare outside academic research. For example, renowned cryptographer Adi Shamir managed to recover an RSA key from audio recordings of encryption patterns. (Yes, electronics make different noises during typical operations.) He succeeded, but only under highly controlled conditions: the computer encrypted with the same key for an hour, and all other processes were stopped.

Electromagnetic Emissions

More commonly, attackers measure electromagnetic emissions (EMI), which vary depending on the scan code sent from the keyboard or the instructions executed by chips. In Russian, this is called PEMIN (side electromagnetic emissions and interference); in English, it’s known as TEMPEST (Transient Electromagnetic Pulse Emanation Standard).

TEMPEST originated from a secret U.S. program in the 1970s. Today, it refers to any attack based on capturing side-channel EMI. Modern attacks often use software-defined radios (SDR). For example, in the paper Stealing Keys from PCs using a Radio, researchers show how a FUNcube Dongle Pro+ receiver can extract RSA keys from a laptop half a meter away.

Another variation involves continuously measuring the electrical potential on a laptop’s chassis during encryption or decryption. By comparing the graph with known ciphertext and algorithms, it’s possible to recover even very long keys.

Types of Side-Channel Attacks

With physical access to equipment, more attack vectors become available. You can measure operation delays (timing attacks), power consumption spikes at the start of encryption rounds (power-monitoring attacks), manipulate input data and analyze error messages (fault attacks). Here’s a general classification:

  • Remote vs. Local: Remote attacks include network-based timing attacks (e.g., on OpenSSL) or intercepting radio signals. Local attacks range from simply being near the computer to running code from local media or even soldering wires to a crypto module.
  • Active vs. Passive: Active attacks involve interfering with the cryptosystem or changing its parameters. Passive attacks involve quietly observing with a receiver, making detection unlikely.

Active attacks are often used to speed up hacking, but sometimes they’re the only option. For example, to break a crypto module as a “black box,” you need to feed it various known messages and collect output for statistical (differential) analysis.

Reading Residual Information

This is one of the most popular techniques. It includes recovering recently deleted files, cold boot attacks, and more specific methods like extracting a BitLocker key from a RAM dump.

Programs leave many traces on disk (temp files, logs) and in RAM (which is virtualized and swapped to disk), so always start by searching for residual data. Most methods require physical access, but remote attacks are possible, such as downloading backups over the network or reading a network printer’s cache for past documents.

Computation Error Analysis

This is the most time-consuming method, used when simpler options aren’t available. At the hardware level, you can induce errors by changing the clock frequency or power supply of a crypto module. These manipulations led to the development of platforms like ChipWhisperer for analyzing hardware SCA resistance.

In software-based encryption, you repeatedly alter encrypted data (e.g., overwriting memory pages) and observe errors during processing. Over time, you gather statistics for differential analysis, hoping to find patterns between known plaintext and ciphertext.

Due to common software and driver flaws, this process can be surprisingly effective. For example, the paper Fault Attacks on Encrypted General Purpose Compute Platforms describes breaking an RSA key in GnuPG by analyzing errors in a system with full memory encryption (similar to AMD Secure Memory Encryption).

Timing Attacks

These attacks are possible when encryption operation duration depends on data structure. This applies to all cryptosystems performing addition on arbitrary (unknown) bit lengths, such as RSA and SSL.

Worse, there are universal timing attacks targeting the CPU cache, which can leak information from any process—including password managers, sandboxed browsers, and encrypted virtual disks. See articles on Meltdown and Spectre for more details.

(Non-)Invasive Attacks

Invasiveness refers to the need for physical intervention. For example, opening a hardware-encrypted USB flash drive, dissolving epoxy with acetone, and removing the copper shield is invasive (as demonstrated by Google at Black Hat 2017). If there’s no shielding, you can use non-invasive, passive TEMPEST attacks. There are also “semi-invasive” methods that don’t irreversibly alter the device.

The most invasive method is probing: opening the crypto module and attaching measurement equipment to its pins or traces. In extreme cases, the chip is examined under a microscope after removing thin layers with a microtome, repeating the process until the circuit diagram is reconstructed.

Probing with chip scraping and macro photography was popular in the 1980s, when chips had fewer transistors and their connections were visible under an optical microscope. Today, it’s mainly used for analyzing microcontrollers and specialized circuits. Modern processors are nearly impossible to study this way due to tiny features (14 nm or less) and billions of transistors.

Keys to Success

The specific side channel chosen is less important than ensuring these conditions during data capture:

  • The signal-to-noise ratio (SNR) is high enough to distinguish the signal from noise.
  • There’s a correlation between the intercepted signal and the target data (not necessarily obvious, but statistically detectable).
  • The side channel exhibits low latency (the measured value changes almost synchronously with the target data).
  • The sampling rate matches or exceeds the rate at which secret data changes.

These conditions are often violated in sloppy experiments, leading to dubious claims about new SCA types at hacker conferences. For example, attempts to reconstruct a monitor image by measuring room light levels were possible with CRTs (due to line scanning), but with LCDs (which refresh entire frames), there’s not enough data for such attacks.

Sometimes, methods are misapplied. For instance, voltage and current readings directly from a chip can reveal much about its computations. In 2014, CPA (Correlation Power Analysis) was used to break AES in all modes. However, trying to recover a secret key by measuring a computer’s overall power consumption is futile—you might only determine if it’s on and running intensive tasks.

Defending Against SCA

Countermeasures become clear from analyzing attack practices. Here are some general recommendations:

  • Maximize isolation: As an admin, disable unused network interfaces and close unnecessary ports. As a user, use an on-screen keyboard for passwords. For extra paranoia, install a polarizing screen filter to prevent shoulder surfing.
  • Control physical access: Lock up external drives or keep them with you. Even with real encryption, don’t leave them unattended. Never let others use your computer, even with a guest account. The most dangerous hacker is the one with a screwdriver and a bootable flash drive.
  • Eliminate traces: Use secure file deletion, clear swap files, browser caches, and temp folders. Handle the most sensitive data in privacy-focused Live OS environments.
  • Choose cryptosystems with SCA countermeasures: The same algorithm can have very different implementations. For example, AES-CTR is less vulnerable to SCA than AES-ECB.
  • Generate noise: Lowering SNR below a critical level makes remote attacks ineffective. Loud music can foil eavesdropping; a microwave can jam part of the EM spectrum. Specialized noise generators are even more reliable.
  • Follow general security best practices: Regularly change passwords and encryption keys to render complex interception schemes useless.

Other methods are for device developers:

  • Shield all electronic circuits except wireless modules (anti-TEMPEST).
  • Remove chip markings and cover boards with epoxy (against invasive methods).
  • Equalize operation times (anti-timing).
  • Balance power consumption (anti-CPA).
  • Use built-in (not external) clock generators and extra Zener diodes (anti-fault).
  • Remove debug ports from production devices.
  • Choose algorithms with bitwise operations on fixed bit lengths (input-independent).
  • Mask data and frequently change initialization vectors (to hinder correlation analysis).

Conclusion

Besides cryptographic systems, side-channel attacks are increasingly used against standard computer components. For example, recent research describes SCA on virtual memory caches with paging and universal attacks on memory segment isolation in Intel x86 architecture.

Old encryption protocols can be attacked directly due to known vulnerabilities in their cryptographic primitives. For example, the SHA-1 hash function is susceptible to collisions, allowing quick generation of fake digital signatures or certificates. The RC4 stream cipher, used in WEP authentication, can be cracked in a minute with AirCrack.

These are all well-known weaknesses of old algorithms. For newer ones, no effective attacks have been found yet, so the only way to break them technically is to look for workarounds. Usually, a specific SCA method meets several criteria at once, as side channels often complement each other.

Leave a Reply