Details of a possible weakness in the way modern microchips process cryptographic information have been published by an international team of researchers.
The flaw could let a hacker steal the cryptographic keys used to protect sensitive communications and financial transactions, simply by monitoring the amount of effort the microchip is expending, the researchers claim.
Jean-Pierre Seifert, who is affiliated with the University of Haifa, Israel, and the University of Innsbruck, Austria, and colleagues posted their findings online on Saturday.
Advertisement
The team say the problem is the result of a trick employed by modern microchips to speed up information processing, called 鈥渂ranch prediction鈥. This involves second-guessing whether the logical flow of a computer program will follow one branch or another, prior to its actual execution.
Spy software
Branch prediction lets a modern microprocessor perform the same type of function again and again very rapidly. However, if a chip suddenly needs to perform another type of operation, or makes a mistaken branch prediction, the amount of work it has to perform, and the time required, will suddenly increase.
Understanding this effect and monitoring these fluctuations over time can reveal crucial details about encryption keys being processed, the researchers say. Although similar techniques have been proposed in the past, they have involved monitoring a chip for much longer periods.
The researcher claim to have used the attack method, dubbed 鈥淪imple Branch Prediction Analysis鈥, to work out a highly-security 512-bit encryption key in just a few thousandths of a second. The key is of a type widely used to secure both online financial transactions and email messages against eavesdropping.
鈥楬orrendously complicated鈥
The researchers suggest that a small piece of software, hidden on a target computer, could pick up cryptographic keys covertly. 鈥淪ecurity has been sacrificed for the benefit of performance,鈥 Seifert told French newspaper Le Monde.
Markus Kuhn, a cryptography researcher at the University of Cambridge, UK, says programmers typically try to guard against so-called 鈥渢iming attacks鈥 but notes that it can be difficult to foresee every potential problem. 鈥淢odern processors are horrendously complicated and do a lot behind the scenes,鈥 he told 快猫短视频.
Although Simple Branch Prediction Analysis requires spy software to be installed on a target computer, Kuhn says this would be relatively simple if the computer system is open to more than one user. 鈥淚f it鈥檚 a multi-user machine, then it鈥檚 quite a feasible threat,鈥 he says.
Seifert will present details of the attack at the RSA Security conference, in February 2007.