Researcher Shows Single-Decryption EM-Based Attack on OpenSSL

The Georgia Tech Institute’s security research team has publicly disclosed a side-channel vulnerability in the widely used OpenSSL encryption software.

The vulnerability allows an attacker to use radio equipment to recover OpenSSL encryption keys, which can then be used to decrypt communications and steal user and server data.

OpenSSL is widely used encrypted-communication software that provides peer-to-peer encrypted communication so that intermediaries cannot steal private data.

In the side-channel attack the researchers disclosed, keys are recovered by intercepting signals that a device emits as a by-product of its activity, such as electromagnetic radiation.

Simple devices can detect encryption keys:

The researchers say that the electromagnetic radiation produced by the current a device draws while computing, changes in power consumption, sound, and even temperature changes can each be identified separately.

The researchers used Android devices and embedded development boards as test targets, both of which used processors running at 0.8 to 1.1 GHz.

The relevant signals are at a frequency of 40 MHz, and the researchers can begin detection by installing specific software on a handheld device that can be purchased in a particular market.

After many trials, the researchers' success rate in recovering 2048-bit RSA encryption keys is more than 95%, and the attack is relatively straightforward.

You don’t need to log in multiple times to get the key:

At present, mainstream attack methods need to analyse numerous interactions to obtain the key, which requires the device to log in repeatedly to generate them.

The new attack only needs to eavesdrop on the electromagnetic signal, which makes the attack extremely simple and significantly reduces its cost.

The researchers pointed out that because the required eavesdropping device is tiny, it can be hidden in a coffee shop or under a table to detect electromagnetic signals from surrounding devices.

OpenSSL has fixed the vulnerability:

Because OpenSSL is widely used open-source software, the impact of this vulnerability would be huge, so OpenSSL has already fixed it.

Because the security impact is considered tremendous, the research team has only disclosed the vulnerability so far, and most devices should be updated to the latest version of OpenSSL.

If your server hasn’t been updated since May, look for updates as soon as possible and upgrade OpenSSL for security reasons.