A vulnerability discovered in the OpenSSL library could compromise the secrecy of a device’s cryptographic key.
Scientists from the University of Michigan’s electrical engineering and computer science departments have found a way to extract the private SSL key from a device by creating fluctuations in the power supply and reading the output whilst the device was encrypting data using the private key.
Valeria Bertacco, Todd Austin and Andrea Pellegrini describe in their paper how they varied the voltage levels at the sender end to make faulty encryptions. This helped them recreate the private key by combining a number of fragments obtained in the process. The complete operation took 100 hours for a 1024-bit RSA private key.
The researchers demonstrated their attack on a Xilinx Virtex2Pro FPGA configured as a SPARC processor, running Linux kernel 2.6.21 with version 0.9.8i of the OpenSSL library. By carefully regulating the power supplied to the machine, they were able to cause the OpenSSL library to make small errors in calculating cryptographic signatures. After enough of these flawed signatures were collected, the researchers used an 81-machine cluster of 2.4 GHz Intel Pentium4-based systems running Linux, along with a special algorithm, to discover the entire private key used to generate those signatures.
They say the bug is easily fixed by applying cryptographic “salt” to an underlying error-checking algorithm. The additional randomization would make the attack unfeasible.
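A signer that verifies each signature with the public key before releasing it never hands out the flawed signatures the attack depends on. The sketch below is an added example, not code from the paper or from OpenSSL, and it shows this generic verify-before-release check rather than the salt-based fix mentioned above; the toy key, the `fault_at` hook and all function names are assumptions.

```python
"""Verify-before-release for RSA signing (added illustration, toy parameters)."""

# Constructed toy key (assumption): two Mersenne primes; far too small for real use.
P, Q = 2**31 - 1, 2**61 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent (Python 3.8+)

M = 0x1234567890ABCDEF  # constructed stand-in for a padded message digest


class FaultDetected(Exception):
    """The computed signature does not verify under the public key."""


def modexp(base, exp, mod, fault_at=None):
    """Left-to-right square-and-multiply.

    fault_at (hypothetical test hook) flips the low bit of the accumulator
    after that step, modelling a transient error from an unstable supply.
    """
    acc = 1
    for step, bit in enumerate(bin(exp)[2:]):
        acc = (acc * acc) % mod
        if bit == "1":
            acc = (acc * base) % mod
        if step == fault_at:
            acc ^= 1
    return acc


def sign(m, fault_at=None):
    """Unchecked signing: whatever the exponentiation produced is released."""
    return modexp(m, D, N, fault_at)


def sign_checked(m, fault_at=None):
    """Release the signature only if it verifies; otherwise fail closed."""
    s = sign(m, fault_at)
    if pow(s, E, N) != m % N:
        raise FaultDetected("signature failed public-key verification; not released")
    return s
```

The check costs one public-key exponentiation per signature, which is cheap next to the private-key operation when the public exponent is small.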
An unnamed OpenSSL official said engineers are in the process of pushing out a patch and stressed the attack is difficult to carry out in real-world settings since the assailant would need access to the device’s power supply. Yet, a variety of handheld devices such as smartphones or netbooks employ such cryptographic implementations and are susceptible to this kind of attack.
