As an electrical engineer I will offer a few observations/opinions regarding this issue. Signal egress and ingress commonly occur internally and externally with communication (et al.) devices. You can realistically end up with signaling artifacts on your power lines. There could be a wide variety of signaling types that could comprise signals aggregated onto these lines. Signals in the MHz frequency range can propagate on power cables such as these for a short but significant distance. Much slower signals can also appear on these lines (e.g., keystrokes, etc.). Potentially, I would say that it is possible that unencrypted data signals could be in this mix. By the way, I think that the grounding cable will quickly dissipate any residual signals, assuming the device is properly grounded. The hot power line is much more susceptible. I believe it is quite feasible that these signals can be detected externally from the box, and some at distances exceeding 100 ft. This is especially true for network cables, which can be detected, demodulated and decrypted at much further distances. Usually, however, these data communication signals would be encrypted on a local network, but perhaps not as strongly as those destined for remote locations. I think that if there is a large enough sample and enough time, then this introduces a degree of susceptibility to the security design. In summary, I'd say it is a glaring hole in most contemporary security solutions.
-----Original Message-----
From: Edward Ned Harvey (bouncycastle) [mailto:bouncycas...@nedharvey.com]
Sent: Thursday, August 28, 2014 12:11 PM
To: Sid Shetye; dev-crypto-csharp@bouncycastle.org
Subject: RE: [dev-crypto-csharp] Side channel vulnerabilities: Power consumption and ground potential attacks?

> From: Sid Shetye [mailto:sid...@outlook.com]
>
> Does anyone have comments/insights to bouncy castle's resilience to
> side-channel attacks like power consumption or ground potential
> attacks? Asking here since it's the crypto library that would
> contribute most to the signals being analyzed.

If the described attacks were real, bouncy castle would be just as susceptible as everything else in the computer, because bouncy castle runs on the CPU, using system RAM. If they were able to read protected memory contents and CPU instructions, then they would have bypassed all the system security successfully.

Personally, I don't buy it. I'll wait to see if anybody debunks this, or it's proven to be non-repeatable, just a plain FUD hoax. Here's my reasoning why:

First, they say, despite the GHz instruction frequency, they're extracting the keys using MHz and kHz signals. Which is *nearly* implausible in and of itself, but for the sake of argument, let's just give them the benefit of the doubt. Of all the unbelievable things, the insufficient sample rate is the most nearly plausible.

The part that I *absolutely* don't believe is the principle itself. They're saying they sample the ground signal, which fluctuates in a computation-dependent way. That's the core principle concept. Which could be *plausible* as a method of accessing protected memory or CPU instructions, if the keys were serialized bit by bit and sent as a serialized signal somewhere, and that serialized signal at least bled over into the ground signal a little bit. But that's not how computers work. Your CPU has a 32-bit or 64-bit instruction set.

Every time memory is copied around, at least 32 bits get latched simultaneously, *and* the power consumption is not related to what the bits are. The power consumption is more closely related to the number of bits that change (again, not what the bits are). Similarly, when you perform compute instructions, the power consumption is related to the number of bits that *change*, not what the bits *are*. In order to translate "number of bits that changed" into some meta-information about "what the bits are" you would need to somehow figure out the old memory contents, which would mean knowing the memory address (at least). You would really need 32 or 64 independent channels of sampling the CPU or RAM bus. Having a single channel for sampling the power consumption of the system as a whole is going to be insufficient to leak protected memory contents, even if you had a sufficient sampling rate (which they don't; by a factor of 1,000 to 1,000,000).

I simply don't buy it. Physics.
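An added illustration, not from the thread, of the leakage model the reply above describes: a per-write toggle count (Hamming distance) stands in for power, several registers are summed into one whole-system channel, and, only if the previous contents are already known, a single noise-free toggle count narrows a 32-bit word to C(32, k) candidates. Function names and the sample key words are constructed for this example.

```python
# Added example: the "number of bits that change" leakage model from the
# reply, and how much one aggregated power sample constrains a register
# value once the old contents are known (the step the reply calls out).
from math import comb, log2


def toggled_bits(prev, new, width=32):
    """Hamming distance between old and new register contents.

    Under the model in the reply, instantaneous power tracks this count,
    not the bit values themselves.
    """
    mask = (1 << width) - 1
    return bin((prev ^ new) & mask).count("1")


def power_trace(writes, width=32, initial=0):
    """Per-write toggle counts for one register, starting from `initial`."""
    trace, prev = [], initial
    for value in writes:
        trace.append(toggled_bits(prev, value, width))
        prev = value
    return trace


def aggregate_trace(traces):
    """Sum several registers' toggle counts cycle by cycle, which is all a
    single whole-system power or ground channel would observe."""
    return [sum(cycle) for cycle in zip(*traces)]


def consistent_values(width, observed):
    """Number of `width`-bit new values matching one observed toggle count
    when the old contents are known: choose which `observed` bits flipped."""
    return comb(width, observed)


def remaining_entropy_bits(width, observed):
    """Entropy left in the new value after one noise-free observation."""
    return log2(consistent_values(width, observed))


if __name__ == "__main__":
    # Constructed sample: three key words written to a register that starts at 0.
    key_words = [0x00000001, 0x0F0F0F0F, 0xFFFFFFFF]
    for word, hd in zip(key_words, power_trace(key_words)):
        print(f"{word:#010x} toggles={hd:2d} "
              f"candidates_if_prev_known={consistent_values(32, hd)} "
              f"entropy_left={remaining_entropy_bits(32, hd):.1f} bits")
```

A balanced 32-bit word (16 toggles) leaves about 29 bits of entropy even with the previous contents known, while a word with a single set bit leaves only 5; the aggregated channel blurs this further by mixing in every other register's toggles.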