"Researchers Discover Vulnerability in Widely-Used Method for Securing Phone Data"
Researchers at the Georgia Institute of Technology demonstrated an attack on two different types of low-end Android phones, a ZTE Zfive and an Alcatel Ideal. These attacks showed that one of the measures put in place to secure data on a low-end phone could be misused by attackers to steal it. The attack involves placing a radio sensor close enough to a device to detect weak radio waves inadvertently emitted by a phone's processor. An attacker can figure out a user's secret key by looking at a single secure web transaction transmitted in the signals. Milos Prvulovic, professor of Computer Science at Georgia Tech and co-author of the study, said it proves that a significantly powerful attack, capable of stealing secret keys, can be performed under realistic conditions. The attack targets a standard encryption process used in various online activities during which two endpoints on a network exchange a series of messages to verify each other's identity. If they are unable to verify their identities, then they will know not to send private data. Verifying one's identity amounts to executing a specific type of encryption algorithm involving a series of operations on a secret key called a nonce, which can be represented as a binary number. A phone's processor emits a weak radio signal for each operation that it carries out. That signal is thousands of times weaker than the signal of a Wi-Fi transmitter. These signals are considered side-channel emissions because they do not come from the phone's primary channels of communication. The constant-time algorithm meant to countermeasure side-channel attacks is what allows the researchers' attack to work. If the researchers can make the attack work on high-end phones, the same vulnerability could impact billions of widely-used modern devices. This article continues to discuss the flaw found in the widely-used method for securing phone data.