|Back | Print | Bookmark
Proximal Cryptographic Attacks
Cracking The AES Cipher
Recently, testing has demonstrated that everyday but very secure dual key encryption software is vulnerable to
fault-based attack. That means it is almost practical to break encryption, even strong encryption.
The words basically mean that it is now practical to crack the coding systems that we trust every day: the systems
that banks use for online banking, the coding software that we rely on for everyday business sales and purchase,
the security packages that we buy off the shelf in our computer supermarkets. How can that be?
Well, various teams of researchers have been working on this, but the first successful test attacks were made by a
team at the University of Michigan. They didn’t need to know about the computer hardware - all they needed to do
was to create transient (i.e. short-lived) faults in a computer whilst it was processing secure data. Then, by
monitoring the output they identified incorrect outputs with the faults they created, they could decode the
Modern security (the AES alogrithm) relies on two encryption keys. These encryption keys are 1024 bit (128 bytes)
and use huge prime numbers which are combined by the software. Now the problem is just like that of cracking a safe
- no safe is absolutely secure, but the better the safe, then the longer it takes to crack it. Until now, it has
been assumed that security based on the 1024 bit key would take too long to decode (we are talking thousands of
years), even with all the computing power on the planet. The latest research has shown that it can be done in a
matter of days, and even quicker if more computing power is used.
How do they crack it?
Modern computer memory and CPU chips do are so miniaturised that they are prone to occasional faults , but they are
designed to self-correct (error correcting memory). Ripples in the computer’s power supplies can also cause
short-lived (transient) faults in the chip. Such faults were induced as the basis of the cryptoattack in the
University of Michigan.
Note that the test team did not need access to the internals of the computer, only to be ‘in proximity’ to it, i.e.
to affect the power supply.
Have you heard about the EMP effect of a nuclear explosion? An EMP (Electromagnetic Pulse) is a ripple in the
earth’s innate electromagnetic field. It may be widespread depending on the size and precise nature of the bomb
used. An EMP would wreck electricity supply lines and non-hardened (specially protected) radio and copper wire
communications. A pulse gun could be used to cause the transient chip faults that could be monitored to crack
encryption. That’s how to decrypt the latest encryption keys.
There is one final twist that affects how quickly encryption keys can be broken.
The frequency of faults to which integrated circuit chips are susceptible depends on the quality of their
manufacture, and no chip is perfect. The flip side is that chips can be manufactured to offer higher fault rates,
by injecting contaminants during manufacture. Chips with higher fault rates could speed up the code-breaking
Cheap chips, slightly more susceptible to transient faults than the average, manufactured on a huge scale, could
become widespread. China produces memory chips (and computers) in vast quantities.
This is an excerpt of one of the research articles behind 'Gate of Tears'. Full article at
August 20, 2011
James Marinero writes techno thrillers, underpinned by extensive research.
Full Article Source: http://www.jamesmarinero.com/Research-Articles/New-Generation-Code-Breaking.html
↑ Back to Top