Side-Channel Emissions: A Nefarious New Portal to Hack Attacks

With the recent Sony and iCloud breaches, the protection of electronics and data now garners mainstream news headlines. However, researchers at Georgia Tech have begun combatting an entirely new kind of hack. By analyzing the low-power electronic signals from laptops and smartphones, hackers can see what you’re doing—even without hooking up to a potentially unsecure network. Known as side-channel signals, researchers are now investigating where these “information leaks” originate to help hardware and software designers “plug” the gaps.

According to the research team, the side-channel emissions are measurable from several feet away using a variety of methods. Electromagnetic emissions can be received using hidden antennas or acoustic emissions, while sounds produced by electronic components can be picked up by hidden microphones. Also, fake battery chargers plugged into adjacent outlets will measure data on power fluctuations, which translate into the operations performed by computers. Simple AM/FM radios can even pick up some signals.

As part of a demonstration, Alenka Zajic, an assistant professor at Georgia Tech’s School of Electrical and Computer Engineering, modified keyboard software to make the characters easier to identify, showing just how easily it can be done. Nothing was added to the code to raise any serious suspicion—it just looked like a less efficient version of normal keyboard driver software. In many applications, including spell-check, grammar-checking, and display-updating, the existing software contains enough loopholes to carry out an attack.

Watch a video from Georgia Tech on side-channel emissions below:

There’s not much literature on hackers currently using side-channel emissions, but the team believes it’s only a matter of time before it becomes more commonplace. By determining where the leaks originate, the team can help manufacturers mitigate potential attacks by redesigning components from an architectural level. Each computer operation has a different leak potential—for instance, processors that draw different amounts of power creating measurable fluctuations, or the “loud” power draw of saving data to memory.

Noticing these fluctuations, the team developed a metric known as “signal available to attacker” (SAVAT) to measure the strength of the signal emitted. They then measured the SAVAT for 11 different instructions on three different laptops. They found that the largest signals were produced when the processors accessed off-chip memory. The team is now studying smartphones, where compact design and large differential between idle and in-use power modes mean extreme vulnerability.

While the technology seems rudimentary, with much focus being placed on securing the Internet/wireless communication side of things, hackers can nonetheless use these techniques to do some serious damage. Passwords can be stolen while they are being typed just by intercepting the side-channel signals produced by a keyboard’s software, reading them from a disconnected laptop in an adjoining room. The passive nature of the hack makes it impossible for the victim to notice anything going on.