Optical Cryptanalysis: Recovering Cryptographic Keys from Power LED Light Fluctuations

Ben Nassi; Ofek Vayner; Etay Iluz; Dudi Nassi; Jan Jancar; Daniel Genkin; Eran Tromer; Boris Zadov; Yuval Elovici

doi:10.1145/3576915.3616620

Optical Cryptanalysis: Recovering Cryptographic Keys from Power LED Light Fluctuations

Ben Nassi, Ofek Vayner, Etay Iluz, Dudi Nassi, Jan Jancar, Daniel Genkin, Eran Tromer, Boris Zadov, Yuval Elovici

Department of Software and Information Systems Engineering

Ben-Gurion University of the Negev

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Although power LEDs have been integrated in various devices that perform cryptographic operations for decades, the cryptanalysis risk they pose has not yet been investigated. In this paper, we present optical cryptanalysis, a new form of cryptanalytic side-channel attack, in which secret keys are extracted by using a photodiode to measure the light emitted by a device's power LED and analyzing subtle fluctuations in the light intensity during cryptographic operations. We analyze the optical leakage of power LEDs of various consumer devices and the factors that affect the optical SNR. We then demonstrate end-to-end optical cryptanalytic attacks against a range of consumer devices (smartphone, smartcard, and Raspberry Pi, along with their USB peripherals) and recover secret keys (RSA, ECDSA, SIKE) from prior and recent versions of popular cryptographic libraries (GnuPG, Libgcrypt, PQCrypto-SIDH) from a maximum distance of 25 meters.

Original language	American English
Title of host publication	CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security
Pages	268-280
Number of pages	13
ISBN (Electronic)	9798400700507
DOIs	https://doi.org/10.1145/3576915.3616620
State	Published - 15 Nov 2023
Event	30th ACM SIGSAC Conference on Computer and Communications Security, CCS 2023 - Copenhagen, Denmark Duration: 26 Nov 2023 → 30 Nov 2023

Publication series

Name	CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security

Conference

Conference	30th ACM SIGSAC Conference on Computer and Communications Security, CCS 2023
Country/Territory	Denmark
City	Copenhagen
Period	26/11/23 → 30/11/23

Keywords

Cryptanalysis
ECDSA
RSA
SIKE
Side-Channel Attack

All Science Journal Classification (ASJC) codes

Computer Networks and Communications
Computer Science Applications
Software

Access to Document

10.1145/3576915.3616620

Cite this

Nassi, B., Vayner, O., Iluz, E., Nassi, D., Jancar, J., Genkin, D., Tromer, E., Zadov, B., & Elovici, Y. (2023). Optical Cryptanalysis: Recovering Cryptographic Keys from Power LED Light Fluctuations. In CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security (pp. 268-280). (CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security). https://doi.org/10.1145/3576915.3616620

@inproceedings{3f592cd7ff484082b94d33808ad9b37b,

title = "Optical Cryptanalysis: Recovering Cryptographic Keys from Power LED Light Fluctuations",

abstract = "Although power LEDs have been integrated in various devices that perform cryptographic operations for decades, the cryptanalysis risk they pose has not yet been investigated. In this paper, we present optical cryptanalysis, a new form of cryptanalytic side-channel attack, in which secret keys are extracted by using a photodiode to measure the light emitted by a device's power LED and analyzing subtle fluctuations in the light intensity during cryptographic operations. We analyze the optical leakage of power LEDs of various consumer devices and the factors that affect the optical SNR. We then demonstrate end-to-end optical cryptanalytic attacks against a range of consumer devices (smartphone, smartcard, and Raspberry Pi, along with their USB peripherals) and recover secret keys (RSA, ECDSA, SIKE) from prior and recent versions of popular cryptographic libraries (GnuPG, Libgcrypt, PQCrypto-SIDH) from a maximum distance of 25 meters.",

keywords = "Cryptanalysis, ECDSA, RSA, SIKE, Side-Channel Attack",

author = "Ben Nassi and Ofek Vayner and Etay Iluz and Dudi Nassi and Jan Jancar and Daniel Genkin and Eran Tromer and Boris Zadov and Yuval Elovici",

note = "Publisher Copyright: {\textcopyright} 2023 Copyright held by the owner/author(s). Publication rights licensed to ACM; 30th ACM SIGSAC Conference on Computer and Communications Security, CCS 2023 ; Conference date: 26-11-2023 Through 30-11-2023",

year = "2023",

month = nov,

day = "15",

doi = "10.1145/3576915.3616620",

language = "American English",

series = "CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security",

pages = "268--280",

booktitle = "CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security",

}

Nassi, B, Vayner, O, Iluz, E, Nassi, D, Jancar, J, Genkin, D, Tromer, E, Zadov, B & Elovici, Y 2023, Optical Cryptanalysis: Recovering Cryptographic Keys from Power LED Light Fluctuations. in CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security. CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, pp. 268-280, 30th ACM SIGSAC Conference on Computer and Communications Security, CCS 2023, Copenhagen, Denmark, 26/11/23. https://doi.org/10.1145/3576915.3616620

Optical Cryptanalysis: Recovering Cryptographic Keys from Power LED Light Fluctuations. / Nassi, Ben; Vayner, Ofek; Iluz, Etay et al.
CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security. 2023. p. 268-280 (CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Optical Cryptanalysis

T2 - 30th ACM SIGSAC Conference on Computer and Communications Security, CCS 2023

AU - Nassi, Ben

AU - Vayner, Ofek

AU - Iluz, Etay

AU - Nassi, Dudi

AU - Jancar, Jan

AU - Genkin, Daniel

AU - Tromer, Eran

AU - Zadov, Boris

AU - Elovici, Yuval

PY - 2023/11/15

Y1 - 2023/11/15

N2 - Although power LEDs have been integrated in various devices that perform cryptographic operations for decades, the cryptanalysis risk they pose has not yet been investigated. In this paper, we present optical cryptanalysis, a new form of cryptanalytic side-channel attack, in which secret keys are extracted by using a photodiode to measure the light emitted by a device's power LED and analyzing subtle fluctuations in the light intensity during cryptographic operations. We analyze the optical leakage of power LEDs of various consumer devices and the factors that affect the optical SNR. We then demonstrate end-to-end optical cryptanalytic attacks against a range of consumer devices (smartphone, smartcard, and Raspberry Pi, along with their USB peripherals) and recover secret keys (RSA, ECDSA, SIKE) from prior and recent versions of popular cryptographic libraries (GnuPG, Libgcrypt, PQCrypto-SIDH) from a maximum distance of 25 meters.

AB - Although power LEDs have been integrated in various devices that perform cryptographic operations for decades, the cryptanalysis risk they pose has not yet been investigated. In this paper, we present optical cryptanalysis, a new form of cryptanalytic side-channel attack, in which secret keys are extracted by using a photodiode to measure the light emitted by a device's power LED and analyzing subtle fluctuations in the light intensity during cryptographic operations. We analyze the optical leakage of power LEDs of various consumer devices and the factors that affect the optical SNR. We then demonstrate end-to-end optical cryptanalytic attacks against a range of consumer devices (smartphone, smartcard, and Raspberry Pi, along with their USB peripherals) and recover secret keys (RSA, ECDSA, SIKE) from prior and recent versions of popular cryptographic libraries (GnuPG, Libgcrypt, PQCrypto-SIDH) from a maximum distance of 25 meters.

KW - Cryptanalysis

KW - ECDSA

KW - RSA

KW - SIKE

KW - Side-Channel Attack

UR - http://www.scopus.com/inward/record.url?scp=85179852242&partnerID=8YFLogxK

U2 - 10.1145/3576915.3616620

DO - 10.1145/3576915.3616620

M3 - Conference contribution

T3 - CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security

SP - 268

EP - 280

BT - CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security

Y2 - 26 November 2023 through 30 November 2023

ER -

Nassi B, Vayner O, Iluz E, Nassi D, Jancar J, Genkin D et al. Optical Cryptanalysis: Recovering Cryptographic Keys from Power LED Light Fluctuations. In CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security. 2023. p. 268-280. (CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security). doi: 10.1145/3576915.3616620

Optical Cryptanalysis: Recovering Cryptographic Keys from Power LED Light Fluctuations

Abstract

Publication series

Conference

Keywords

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this