Vulnerability Found in Widely Used Method for Securing Phone Data

Published 29 September 2021

Researchers demonstrated a new way of attacking two different types of low-end Android phones. The attack relies on placing a radio sensor within a few centimeters of a device, close enough to detect the weak radio waves that are inadvertently emitted by a phone’s processor.

Their paper, presented on September 10 at the 6th IEEE European Symposium on Security and Privacy, demonstrates successful attacks on two different types of low-end Android phones, a ZTE Zfive and an Alcatel Ideal. In accordance with standard practice, the researchers reported their findings to software developers before releasing their results so that the problem can be fixed.

By observing the emissions from a single secure web transaction, an attacker can recover a user’s secret key, a form of numerical password that is used to encrypt their data.

“It demonstrates that a really powerful attack, one that can actually steal the key, can be done under realistic conditions,” said Milos Prvulovic, professor of Computer Science at Georgia Tech and coauthor of the study. “How many times have you put your phone down on a desk at the airport and not checked what’s under the desk?”

Fortunately, the researchers found a relatively straightforward fix. Implementing this fix is now in progress and will matter beyond low-end devices: if researchers can figure out how to make the attack work on high-end phones, the same vulnerability will affect billions of the most widely used modern devices.

Hacking a Phone from the Side
Secret keys or encryption keys are often used for securing user data. Once an attacker has access to a user’s encryption keys, they can forge the user’s “digital signature” and gain access to banking data, for example. Because the newly discovered attack should work on a wide variety of phones in everyday use, it is expected to require prompt amendment to the relevant security standard, RFC 7748.

The attack targets a standard encryption process employed in a wide range of online activities, such as logging into a virtual private network (VPN), creating a secure web connection with a bank, or e-signing a digital document. During this process, two endpoints on a network, such as two phones, must exchange a series of messages to verify each other’s identity. If they cannot verify that they are who they say they are, then they know not to send private data.
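The standard the article names, RFC 7748, specifies the X25519 key agreement that underlies the exchange just described. The following is an added example written for this page (not the researchers' code, not the attacked phones' library, and not the fix the article refers to): it implements the RFC's Montgomery ladder in pure Python and runs both sides of the exchange with the RFC's own published test keys, so the two endpoints can be seen arriving at the same shared secret. The values for Alice, Bob and the section 5.2 vector are the RFC's test vectors. Python big integers are not constant-time, so this is a reference for reading the algorithm, not a hardened implementation; secret-dependent timing or emissions are exactly what a side-channel adversary measures, and a deployment-grade library has to use constant-time field arithmetic and conditional swaps.

```python
# Added example: X25519 key agreement per RFC 7748 (section 5 ladder, section 6.1
# Diffie-Hellman). Reference logic for reading the standard; NOT constant-time,
# NOT the paper's code, and NOT the mitigation the article mentions.

P = 2**255 - 19   # prime field for Curve25519
A24 = 121665      # (486662 - 2) / 4, the Montgomery curve constant used by the ladder
BITS = 255        # scalar bits processed by the ladder


def decode_scalar(k: bytes) -> int:
    """Clamp a 32-byte private key exactly as RFC 7748 section 5 requires."""
    k = bytearray(k)
    k[0] &= 248       # clear the low three bits (cofactor clearing)
    k[31] &= 127      # clear the top bit
    k[31] |= 64       # set bit 254 so every scalar has the same bit length
    return int.from_bytes(k, "little")


def decode_u(u: bytes) -> int:
    """Decode a little-endian u-coordinate, ignoring the unused top bit."""
    u = bytearray(u)
    u[31] &= 127
    return int.from_bytes(u, "little")


def encode_u(u: int) -> bytes:
    return (u % P).to_bytes(32, "little")


def cswap(swap: int, a: int, b: int):
    """Swap a and b when swap == 1, written as the RFC describes (mask, no branch).
    Note: Python integer ops are still not constant-time; this mirrors the
    structure a hardened implementation needs, not its timing guarantees."""
    mask = -swap                # 0 when swap == 0, all ones when swap == 1
    dummy = mask & (a ^ b)
    return a ^ dummy, b ^ dummy


def x25519(k: bytes, u: bytes) -> bytes:
    """Scalar multiplication on Curve25519 using the RFC 7748 Montgomery ladder."""
    k_int = decode_scalar(k)
    x1 = decode_u(u)
    x2, z2, x3, z3 = 1, 0, x1, 1
    swap = 0
    for t in range(BITS - 1, -1, -1):
        kt = (k_int >> t) & 1
        swap ^= kt
        x2, x3 = cswap(swap, x2, x3)
        z2, z3 = cswap(swap, z2, z3)
        swap = kt
        # One differential add-and-double step in projective (X:Z) coordinates.
        a = (x2 + z2) % P
        aa = a * a % P
        b = (x2 - z2) % P
        bb = b * b % P
        e = (aa - bb) % P
        c = (x3 + z3) % P
        d = (x3 - z3) % P
        da = d * a % P
        cb = c * b % P
        x3 = (da + cb) ** 2 % P
        z3 = x1 * ((da - cb) ** 2) % P
        x2 = aa * bb % P
        z2 = e * (aa + A24 * e) % P
    x2, x3 = cswap(swap, x2, x3)
    z2, z3 = cswap(swap, z2, z3)
    return encode_u(x2 * pow(z2, P - 2, P))   # affine u = X / Z via Fermat inversion


BASEPOINT = (9).to_bytes(32, "little")        # RFC 7748 base point u = 9


def public_key(private: bytes) -> bytes:
    return x25519(private, BASEPOINT)


def shared_secret(my_private: bytes, their_public: bytes) -> bytes:
    return x25519(my_private, their_public)


def key_exchange_demo() -> str:
    """Both endpoints of the exchange, using the RFC 7748 section 6.1 test keys."""
    alice_priv = bytes.fromhex("77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a")
    bob_priv = bytes.fromhex("5dab087e624a8a4b79e17f8b83800ee66f3bb1292618b6fd1c2f8b27ff88e0eb")
    # Message 1: Alice -> Bob, her public key.  Message 2: Bob -> Alice, his.
    alice_pub = public_key(alice_priv)
    bob_pub = public_key(bob_priv)
    # Each side combines its own private key with the other's public key.
    k_alice = shared_secret(alice_priv, bob_pub)
    k_bob = shared_secret(bob_priv, alice_pub)
    assert k_alice == k_bob, "both endpoints must derive the same secret"
    return k_alice.hex()


if __name__ == "__main__":
    print("shared secret:", key_exchange_demo())
```

The private keys never leave their endpoint; only the public values cross the network. That is why recovering the scalar by observing the ladder as it runs, rather than by breaking the mathematics, is what makes the article's attack significant: every iteration of the loop above handles one secret bit, so any physical signal that differs between the two cswap outcomes leaks the key one bit at a time.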