Fear Of Potato Chips: Samy Kamkar’s Side-Channel Attack Roundup

What do potato chips and lost car keys have in common? On the surface, it would seem not much, unless you somehow managed to lose your keys in a bag of chips, which would be embarrassing enough that you’d likely never speak of it. But there is a surprising link between the two, and Samy Kamkar makes the association in his newly published 2019 Superconference talk, which he called “FPGA Glitching and Side-Channel Attacks.

Information on the Side

Most of Samy’s talk is devoted to explaining the nature of side-channel attacks, which he defines as “information you’re gathering from an implementation rather than the algorithm or system itself.” I found that to be a particularly instructive way to think about side-channel attacks, since they provide what is often a completely unforeseen way into a system despite there being no direct vulnerabilities of the kind usually associated with exploits, such as software bugs or weaknesses in cryptographic systems.

The world of side-channel attacks that Samy describes is a weird place where attacks can come literally out of the blue. They can squeeze information from the slightest of signals, like snooping into what a user is typing by monitoring the unique mechanical vibrations of each key, either with a microphone or by bouncing a laser off the machine to pick up induced vibrations. Ultrasonic attacks based on electrostrictive vibrations of capacitors that betray the internal state of the target machine are possible, as are attacks based on the slight changes in power usage as a target goes through its paces. And some of these side-channel attacks can even target air-gapped machines, which is nightmare fuel for security pros.

And it’s not even just computers that can be compromised with a side-channel attack. Samy related a story of security researchers who managed to exfiltrate a normal conversation from a sealed, soundproof room simply by pointing a DSLR camera through a window at a potato chip bag on the table. The bag vibrated slightly with the air pressure changes caused by the voices in the room, enough to create a signal in the video captured by the camera. Side-channel attacks seem to be limited only by the imagination of the attacker.

Injection Detection

Samy also spent a lot of time talking about fault injection attacks. We’ve featured a few of these recently, including attacks on smart speakers using lasers to induce a signal on the MEMS microphone, making Alexa do your bidding remotely. Samy relates that and similar attacks on drone IMUs with ultrasound,  which we found fascinating. Yet wilder are temperature attacks, where memory chips are flash-frozen with a blast of propellant from a gas duster; by cooling down the capacitors in a memory chip, it can extend the discharge time long enough to remove the chip and dump its contents using another device, potentially exposing passwords or other sensitive information.

Perhaps the most interesting technique Samy explained was instruction skipping. Clock glitches are slightly malformed pulses in the normal stream of clock pulses in any computer system. Time a clock glitch just right, and you can force a CPU to skip over parts of the code it’s executing, possibly even the part that checks passwords. Voltage glitches, where the CPU is strategically starved of power, can accomplish much the same thing. Samy even detailed a few examples of glitch attacks that can be performed easily on an Arduino or even on the amazing FPGA-powered Hackaday Supercon badge.

But what about the lost car keys? Where do they fit into all of this? Starting in the early 2000s car manufacturers invented yet another way to pry money out of customers decided to increase the security of their cars by adding RFID chips to every key. Lose a key and it’ll cost you big bucks to get the security code in a new key programmed into the ignition system of the car and allow you to drive your car again. Unless, of course, you use a side-channel attack to figure out the encryption key and set up something to spoof that code so you can start the car with a plain old key. That’s just one of the many tools Samy’s talk put in everyone’s toolbox with this talk.

12 thoughts on “Fear Of Potato Chips: Samy Kamkar’s Side-Channel Attack Roundup

  1. I can imagine a major league baseball manager watching this video in despair as he realizes that there is really no way to keep the other guys from stealing your signs, no matter how much technology you throw at the problem.

    1. I loved that movie *so much*. I would love to see the scene where they break into a data center, freeze an entire server with no2 and then put its ram in another computer to get the crypto keys. The no2 dissipates, the server comes back online, and nobody is the wiser. And yes- I know that’s not plausible in its most basic form.

      1. Reality is a little more complicated.

        First you need access to the data center, where the guards and staff are familiar with the usual customers and won’t let you in without prior appointment.
        Then you need to gain access to the correct location in the DC, sometimes in a caged off area with a combination lock for the secure stuff.
        Then you need to find the correct rack, with combination locks again (different codes), IP cameras inside the racks, maglocks and reed switches on the doors.
        Then you need to maintain power, remove the server, freeze it and extract the RAM, all in the few minutes before the system raises an alarm, takes your photo and then goes full Boris from Goldeneye and dumps RAM and wipes the SSD’s in the entire rack.

        Open the door even an inch and the system nukes itself in a couple minutes max.

        That’s a common way TLS/SSH stuff is secured from my experience. IMO, it’s easier to lift keys via a remote attack rather than try to physically access a server.
        Harder to get arrested using wifi at Starbucks than walking into a data center with a crowbar and LN2 dewar. :D

  2. I call it bull shit. A typical DSLR records at 60fps (he mention 60Hz in the video as well), that’s just too slow for human voice. What the hell does “pixel changing many many times, more than 60 times per second” mean”? Each frame is still captured 1/60 a second. There are lots of micro vibration that will become noise on a bag of potato chips. I would need to see a proof in a real world environment to believe.

      1. Thanks. But I will still call it BS. There must be tons of parameters in their algorithm and I bet they spent tons of time tweaking the parameters to get the result they want. When they know what was being played, in an controlled environment, using pure notes, they can match the parameter to reproduce the source. Even with high-speed camera, I doubt people can recognize the speech without hearing the original first. A laser or infrared microphone would be far more efficient and effective.

        1. The color of a pixel is the average color over the exposure time. You might be able to correlate the recorded pixel color with a vibration frequency when the actual color can be deduced from a neighbouring pixel.

          Not trivial, and maybe almost impossible. But…

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.