49 research outputs found
Synesthesia: Detecting Screen Content via Remote Acoustic Side Channels
We show that subtle acoustic noises emanating from within computer screens
can be used to detect the content displayed on the screens. This sound can be
picked up by ordinary microphones built into webcams or screens, and is
inadvertently transmitted to other parties, e.g., during a videoconference call
or archived recordings. It can also be recorded by a smartphone or "smart
speaker" placed on a desk next to the screen, or from as far as 10 meters away
using a parabolic microphone.
Empirically demonstrating various attack scenarios, we show how this channel
can be used for real-time detection of on-screen text, or users' input into
on-screen virtual keyboards. We also demonstrate how an attacker can analyze
the audio received during video call (e.g., on Google Hangout) to infer whether
the other side is browsing the web in lieu of watching the video call, and
which web site is displayed on their screen
The Impostor Among US(B): Off-Path Injection Attacks on USB Communications
USB is the most prevalent peripheral interface in modern computer systems and
its inherent insecurities make it an appealing attack vector. A well-known
limitation of USB is that traffic is not encrypted. This allows on-path
adversaries to trivially perform man-in-the-middle attacks. Off-path attacks
that compromise the confidentiality of communications have also been shown to
be possible. However, so far no off-path attacks that breach USB communications
integrity have been demonstrated.
In this work we show that the integrity of USB communications is not
guaranteed even against off-path attackers.Specifically, we design and build
malicious devices that, even when placed outside of the path between a victim
device and the host, can inject data to that path. Using our developed
injectors we can falsify the provenance of data input as interpreted by a host
computer system. By injecting on behalf of trusted victim devices we can
circumvent any software-based authorisation policy defences that computer
systems employ against common USB attacks. We demonstrate two concrete attacks.
The first injects keystrokes allowing an attacker to execute commands. The
second demonstrates file-contents replacement including during system install
from a USB disk. We test the attacks on 29 USB 2.0 and USB 3.x hubs and find 14
of them to be vulnerable.Comment: To appear in USENIX Security 202
Snapshot-Oblivious RAMs: Sub-Logarithmic Efficiency for Short Transcripts
Oblivious RAM (ORAM) is a powerful technique to prevent harmful data breaches. Despite tremendous progress in improving the concrete performance of ORAM, it remains too slow for use in many practical settings; recent breakthroughs in lower bounds indicate this inefficiency is inherent for ORAM and even some natural relaxations.
This work introduces snapshot-oblivious RAMs, a new secure memory access primitive. Snapshot-oblivious RAMs bypass lower bounds by providing security only for transcripts whose length (call it c) is fixed and known ahead of time. Intuitively, snapshot-oblivious RAMs provide strong security for attacks of short duration, such as the snapshot attacks targeted by many encrypted databases.
We give an ORAM-style definition of this new primitive, and present several constructions. The underlying design principle of our constructions is to store the history of recent operations in a data structure that can be accessed obliviously. We instantiate this paradigm with data structures that remain on the client, giving a snapshot-oblivious RAM with constant bandwidth overhead. We also show how these data structures can be stored on the server and accessed using oblivious memory primitives. Our most efficient instantiation achieves O(log c) bandwidth overhead. By extending recent ORAM lower bounds, we show this performance is asymptotically optimal. Along the way, we define a new hash queue data structure—essentially, a dictionary whose elements can be modified in a first-in-first-out fashion—which may be of independent interest
How to Construct a Leakage-Resilient (Stateless) Trusted Party
Trusted parties and devices are commonly used in the real world to securely perform computations on secret inputs. However, their security can often be compromised by side-channel attacks in which the adversary obtains partial leakage on intermediate computation values. This gives rise to the following natural question: To what extent can one protect the trusted party against leakage?
Our goal is to design a hardware device that allows parties to securely evaluate a function of their inputs by feeding with encoded inputs that are obtained using local secret randomness. Security should hold even in the presence of an active adversary that can corrupt a subset of parties and obtain restricted leakage on the internal computations in .
We design hardware devices in this setting both for zero-knowledge proofs and for general multi-party computations. Our constructions can unconditionally resist either leakage or a strong form of ``only computation leaks\u27\u27 (OCL) leakage that captures realistic side-channel attacks, providing different tradeoffs between efficiency and security
Get Your Hands Off My Laptop: Physical Side-Channel Key-Extraction Attacks on PCs
We demonstrate physical side-channel attacks on a popular software implementation of RSA and ElGamal, running on laptop computers. Our attacks use novel side channels, based on the observation that the ground electric potential, in many computers, fluctuates in a computation-dependent way. An attacker can measure this signal by touching exposed metal on the computer\u27s chassis with a plain wire, or even with a bare hand. The signal can also be measured at the remote end of Ethernet, VGA or USB cables.
Through suitable cryptanalysis and signal processing, we have extracted 4096-bit RSA keys and 3072-bit ElGamal keys from laptops, via each of these channels, as well as via power analysis and electromagnetic probing. Despite the GHz-scale clock rate of the laptops and numerous noise sources, the full attacks require a few seconds of measurements using Medium Frequency signals (around 2 MHz), or one hour using Low Frequency signals (up to 40 kHz)
Undermining User Privacy on Mobile Devices Using AI
Over the past years, literature has shown that attacks exploiting the
microarchitecture of modern processors pose a serious threat to the privacy of
mobile phone users. This is because applications leave distinct footprints in
the processor, which can be used by malware to infer user activities. In this
work, we show that these inference attacks are considerably more practical when
combined with advanced AI techniques. In particular, we focus on profiling the
activity in the last-level cache (LLC) of ARM processors. We employ a simple
Prime+Probe based monitoring technique to obtain cache traces, which we
classify with Deep Learning methods including Convolutional Neural Networks. We
demonstrate our approach on an off-the-shelf Android phone by launching a
successful attack from an unprivileged, zeropermission App in well under a
minute. The App thereby detects running applications with an accuracy of 98%
and reveals opened websites and streaming videos by monitoring the LLC for at
most 6 seconds. This is possible, since Deep Learning compensates measurement
disturbances stemming from the inherently noisy LLC monitoring and unfavorable
cache characteristics such as random line replacement policies. In summary, our
results show that thanks to advanced AI techniques, inference attacks are
becoming alarmingly easy to implement and execute in practice. This once more
calls for countermeasures that confine microarchitectural leakage and protect
mobile phone applications, especially those valuing the privacy of their users
ECDH Key-Extraction via Low-Bandwidth Electromagnetic Attacks on PCs
We present the first physical side-channel attack on elliptic curve cryptography running on a PC. The attack targets the ECDH public-key encryption algorithm, as implemented in the latest version of GnuPG\u27s Libgcrypt.
By measuring the target\u27s electromagnetic emanations, the attack extracts the secret decryption key within seconds, from a target located in an adjacent room across a wall. The attack utilizes a single carefully chosen ciphertext, and tailored time-frequency signal analysis techniques, to achieve full key extraction