You shouldn’t transmit encryption keys over Bluetooth, but that’s exactly what some popular wireless-enabled microcontrollers are already doing. This is the idea behind Screaming Channels, an exploit published by researchers at EURECOM and the subject of a talk at Black Hat next week. So far, the researchers have investigated side-channel attacks on Bluetooth-enabled microcontrollers, allowing them to extract tinyAES keys from up to 10 meters away in controlled environments. A PDF of the paper is available and all the relevant code is available on GitHub.
The experimental setup for this exploit consisted of a BLE Nano, a breakout board for a Nordic nRF52832 Bluetooth microcontroller, a HackRF, a USRP N210 software defined radio from Ettus, and a few high-gain antennas and LNAs. The example attack relies on installing firmware on the BLE Nano that runs through a few loops and encrypts something with tinyAES. Through very careful analysis of the RF spectrum, the AES keys can be extracted from the ether.
Side-channel attacks have become somewhat more popular over recent years. What was once limited to Three Letter Agency-level Van Eck phreaking can now be done inexpensively with devices like the ChipWhisperer.
Of course, this is only a demonstration of what is possible with side-channel attacks in a highly controlled environment, with a significant amount of work having gone into the firmware running on the microcontroller. This isn’t evidence that balaclava-wearing hackers are sniffing your phone from across the parking lot to get the password to your Instagram account, but it does show what is possible with relatively cheap, off-the-shelf hardware.
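To make concrete why an unprotected AES implementation like tinyAES is recoverable from a noisy side channel, here is an added example (not the researchers’ code, and using constructed data rather than real RF captures): it models each trace as the Hamming weight of the first-round S-box output plus Gaussian noise, then recovers one key byte by correlation power analysis. A few hundred noisy samples suffice, which is the property that masking or hiding countermeasures have to break.

```python
import random

def make_sbox():
    """Build the AES S-box (GF(2^8) inverse followed by the affine map)."""
    def gf_mul(a, b):                      # multiply in GF(2^8), poly 0x11b
        r = 0
        while b:
            if b & 1:
                r ^= a
            a <<= 1
            if a & 0x100:
                a ^= 0x11b
            b >>= 1
        return r
    box = []
    for a in range(256):
        inv = 1
        for _ in range(254):               # a^254 == a^-1 in GF(2^8); 0 -> 0
            inv = gf_mul(inv, a)
        s = inv
        for k in range(1, 5):              # affine map: XOR four left-rotations
            s ^= ((inv << k) | (inv >> (8 - k))) & 0xff
        box.append(s ^ 0x63)
    return box

SBOX = make_sbox()
HW = [bin(v).count("1") for v in range(256)]   # Hamming-weight leakage model

def simulate_traces(key_byte, n, noise=1.0, seed=1):
    """Constructed data: one sample per encryption = HW(sbox[pt ^ key]) + noise,
    standing in for the amplitude sample leaked at the S-box lookup."""
    rng = random.Random(seed)
    pts, leak = [], []
    for _ in range(n):
        p = rng.randrange(256)
        pts.append(p)
        leak.append(HW[SBOX[p ^ key_byte]] + rng.gauss(0, noise))
    return pts, leak

def pearson(xs, ys):
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx, vy = sum((x - mx) ** 2 for x in xs), sum((y - my) ** 2 for y in ys)
    return cov / (vx * vy) ** 0.5 if vx and vy else 0.0

def recover_key_byte(pts, leak):
    """CPA: the key guess whose predicted Hamming weights correlate best wins."""
    scores = [abs(pearson([HW[SBOX[p ^ g]] for p in pts], leak)) for g in range(256)]
    return max(range(256), key=scores.__getitem__)
```

Running `recover_key_byte(*simulate_traces(0x2b, 500))` returns the planted byte 0x2b; the S-box nonlinearity is what keeps every wrong guess near zero correlation.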
Doesn’t mixed signal microcontroller just mean that it handles analog and digital? Maybe “a wireless microcontroller” might be more accurate.
I think the principle behind it is that digital information can be seen to be overlaid on analog outputs. Presumably this happens at all frequencies.
I can see this being an issue as we see more chips like the ESP8266 which mix a wireless radio with a CPU on the same chip. I’d be interested to know if ESP8266s leak their WPA2 keys out over the air whenever they send or receive packets, just from small fluctuations in the signal as the chip decrypts the incoming and outgoing packets.
At least, it seems, the mitigation is easy and straightforward: forgo these chips or their inbuilt wireless radios and pack a discrete radio, then sprinkle filter caps on the power rails in between them. (the radio and whatever’s got a CPU crunching keys or other secrets)
DejaVu?
https://hackaday.com/2018/07/27/screaming-channels-attack-rf-security/
ComicSans?
“This isn’t evidence that balaclava-wearing hackers are sniffing your phone from across the parking lot to get the password to your Instagram account, but it does show what is possible with relatively cheap, off-the-shelf hardware.”
I imagine for those doing hardware/software security engineering this will help, even if it’s a black box one’s working with.
Informative article, thanks Brian.
You can have a look at TEMPEST Attacks Against AES by Craig Ramsay presented during hardwear.io
https://www.youtube.com/watch?v=-oIUKunL0-s