Get our free email newsletter

Gadget Steals Passwords out of Thin Air

Hacking by PitaA new device demonstrates just how easily hackers can steal encryption keys from nearby computers, especially in public places. A team of researchers from Israeli research centers Tel Aviv University and Technion built the gadget with off-the-shelf electronics and standard AA batteries to show just how easy it is for hackers to steal passwords in side-channel attacks. The device has to be located about a foot and a half from the victim computer in order to work. However, it fits into the palm of a hand, so attackers could hide it under a desk or tuck it into an inconspicuous object, such as a sandwich or a piece of pita bread. It is therefore appropriately called PITA (Portable Instrument for Trace Acquisition).

The researchers monitored radio signals given off by laptops and discovered that certain operations, such as playing games or decrypting files, had signature patterns of electromagnetic radiation. Using this knowledge, they built PITA, which can spy on computers by analyzing the radiation emitted by a computer’s processor.

To use the device, hackers would send an encrypted email to a targeted computer and then place the device nearby. The PITA’s antenna would pick up the distinct radio waves emitted by the computer’s processor while it decrypted the email. Hackers could use this method to snag passwords in just a few seconds, according to the researchers. The stolen data could either be stored on the PITA’s microSD card to be analyzed later or it could be transmitted over Wi-Fi to the hacker’s computer.

- Partner Content -

Shielding Effectiveness Test Guide

Just as interference testing requires RF enclosures, isolation systems in turn need their own testing. This document reviews some of the issues and considerations in testing RF enclosures.

The researchers say that similar devices can be built with just $300 worth of ordinary parts, such as a consumer-grade radio receiver or a Software Defined Radio USB dongle. Although the PITA that the researchers built only works within about 20 inches of a targeted computer, the range could be extended by using better antennas, amplifiers, and digitizers. The details are published online and the researchers plan to present their work at the workshop on Cryptographic Hardware and Embedded Systems in France in September.

Source: BGR | Tel Aviv University | Image by the researchers

Related Articles

Digital Sponsors

Become a Sponsor

Discover new products, review technical whitepapers, read the latest compliance news, and check out trending engineering news.

Get our email updates

What's New

- From Our Sponsors -

Sign up for the In Compliance Email Newsletter

Discover new products, review technical whitepapers, read the latest compliance news, and trending engineering news.