Electromagnetic interference is turning into a weapon against computers and sensitive electronics.
In the middle of the Second World War, the US Army Signal Corps suddenly realised it had a problem with its encrypted communications. The Bell Telephone machine, used to encode signals using the army's rotor-based key generator, would create a spike on an oscilloscope in a remote part of the lab every time the machine changed its output. Worse, the spikes depended on the signal passing through, making it possible to recover the plain text being fed to the encryption machine.
Officers were at first hesitant to halt use of the system, but they allowed an experiment that placed Bell engineers 25m away, across the street from the New York office housing one of the Signal Corps' cryptocentres. They recorded an hour of traffic and, within four hours, had recovered three-quarters of the messages sent. Bell spent the next six months fixing the machinery to stop it spewing out high levels of electromagnetic interference (EMI).
The Tempest standard
Later, as the Cold War progressed, the military worried that increasingly sensitive equipment could pick up EMI from other encryption equipment. The US National Security Agency and Nato came up with a set of standards under the Tempest banner as awareness spread of how easy it could be to recover data not just from network cables but from the stray RF given off by a cathode ray tube monitor as its electron beam scans the image onto the phosphor. Equipment suppliers to the government and military were quick to shield their products to the Tempest standard and the problem receded into the background.
Now the situation is reversed. Intentional electromagnetic interference (IEMI) is being used as a way of breaking into systems or disrupting their behaviour, and as an accelerator for one of the most insidious methods of revealing the secrets inside integrated circuits. Electronic circuits give off a number of clues as to what is going on inside them, ranging from electromagnetic emissions through heat and sound to subtle changes in response time. These emissions play no part in the operation of the circuit itself - they are side effects of it working - which gives the technique its name: side-channel analysis.
Hugo Fiennes, CEO and co-founder of Electric Imp, said at the ARM TechCon conference in late 2014: "The Chaos Computer Club did it over the Internet by measuring timing. There was a frightening amount of jitter. But it can be done. If you are much closer to the system, you can track the power signature and, with that, you can see the decoding happen."
Unless electronics engineers have built countermeasures into their designs, most of the algorithms used to encrypt and decrypt data take different lengths of time depending on the data and on the supposedly secret keys they use. The most widely used public-key systems, RSA among them, rely on modular arithmetic and build exponentiation out of a sequence of squarings and multiplications, walking through the secret key one bit at a time.
At each bit position the running result is squared. If the key bit is 1, the result is then also multiplied by the message; if it is 0, nothing further happens. On the low-end microcontrollers used in early smartcards, multiplication is a serial shift-and-add routine, so the extra step for a 1 bit costs a noticeable number of additional cycles. Even where a dedicated multiplier performs both operations, a squaring (both operands the same) and a multiplication by the fixed message base leave different power profiles, so the two cases look different from outside.
Simply by looking at how long it takes to process the messages - assuming the attacker can feed the circuitry enough of them - an attacker can work out what each key bit is. If the microcontroller has a dedicated multiplier, its greater complexity will lead to it drawing more energy from the power supply during the multiply step than during a squaring alone. This, in turn, generates more heat and EMI, providing other ways to estimate the changes in workload.
Simple power analysis proved highly effective on low-integration ICs, such as those in early smartcards, where there is little other on-chip activity to mask the behaviour of the target circuit. Researchers were able to capture RSA keys using just 1,000 rounds of encryption. But most high-value data lies inside much more complex devices with circuitry performing unrelated work at the same time. For this reason, simple power analysis is not generally very useful, although it has served to uncover the keys processed by low-end microcontrollers.
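The following is an added example, not code from the article or from any of the researchers it quotes. It shows in miniature why square-and-multiply leaks: each operation is logged as an 'S' or 'M', standing in for the distinct timing or power burst that operation produces on a simple core, and an attacker turns that sequence straight back into key bits. It also shows the usual fix, a Montgomery ladder, whose operation sequence is the same whatever the key. The exponent, base and modulus are constructed toy values; a real RSA exponent is 2048 bits, but the per-bit leak is identical.

```python
"""Added example: the square-and-multiply leak, and the ladder that avoids it.

Constructed toy parameters only (16-bit exponent, small modulus).
"""


def square_and_multiply(base, exp, mod, trace):
    """Left-to-right binary exponentiation. Every 'S' (square) or 'M'
    (multiply) is appended to trace, standing in for the separate
    power/timing burst each operation produces on a simple core."""
    result = 1
    for bit in bin(exp)[2:]:              # most significant bit first
        result = (result * result) % mod
        trace.append("S")
        if bit == "1":                     # only 1 bits pay for a multiply
            result = (result * base) % mod
            trace.append("M")
    return result


def exponent_from_trace(trace):
    """The attacker's step: an 'S' followed by 'M' is a 1 bit, a lone 'S' a 0."""
    bits, i = [], 0
    while i < len(trace):
        if i + 1 < len(trace) and trace[i + 1] == "M":
            bits.append("1")
            i += 2
        else:
            bits.append("0")
            i += 1
    return int("".join(bits), 2)


def montgomery_ladder(base, exp, mod, nbits, trace):
    """Countermeasure: one multiply and one square per bit, whatever the bit,
    over a fixed nbits width so the key length does not leak either. The
    operation sequence no longer depends on the key. (Data-dependent timing
    inside the multiplier itself is a separate problem, not addressed here.)"""
    r0, r1 = 1, base % mod                 # invariant: r1 == r0 * base
    for i in range(nbits - 1, -1, -1):
        if (exp >> i) & 1:
            r0 = (r0 * r1) % mod
            r1 = (r1 * r1) % mod
        else:
            r1 = (r0 * r1) % mod
            r0 = (r0 * r0) % mod
        trace.extend("MS")                 # same two operations every bit
    return r0


if __name__ == "__main__":
    base, exp, mod = 12345, 0xB5A3, 1_000_003   # constructed values
    leaky = []
    square_and_multiply(base, exp, mod, leaky)
    print("leaky trace :", "".join(leaky))
    print("recovered   :", hex(exponent_from_trace(leaky)))
    safe = []
    montgomery_ladder(base, exp, mod, 16, safe)
    print("ladder trace:", "".join(safe))
```

Run stand-alone it prints the S/M sequence for the leaky routine, the exponent read back from it, and the uniform MS sequence from the ladder. On real hardware the attacker reads the same pattern off an oscilloscope rather than a list, which is why the countermeasure targets the operation sequence rather than the arithmetic.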
Proposed by Paul Kocher, founder of Cryptography Research, in 1999 at the same time as its simpler sibling, differential power analysis (DPA) is a statistical take on side-channel attacks that continues to prove effective at uncovering sensitive information even when the important signal should be buried in noise. The key is correlation. The attacker builds a model of the target circuit that predicts its power consumption, or other emissions, for each possible value of the key bits it is processing, then tests which prediction matches the measurements. According to Patrick Schaumont, associate professor at Virginia Tech, the model does not need to be sophisticated. It just needs to be accurate enough to correlate with the electrical activity in the target.
Over a large number of guesses and measurements, the results for the correct guess separate out and begin to stand out from the noise; the more measurements are taken, the further uncorrelated noise averages away. Over the past 15 years, the technique has become more accessible, culminating in the ChipWhisperer, an open-source resource for performing side-channel analysis developed by Colin O'Flynn and Zhizhang Chen.
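The following is an added example, not code from the article, Kocher's paper or the ChipWhisperer project. It demonstrates the model-and-correlate form of DPA (correlation power analysis) on the first-round AES S-box output, which is the textbook target. The 'traces' are constructed: the device is simulated as leaking the Hamming weight of the S-box output plus Gaussian noise, the standard model for an unprotected CMOS implementation. For each of the 256 possible key bytes the attacker predicts that Hamming weight from the known plaintext and correlates it with the measurements; the correct guess is the one whose prediction lines up with the noise. The S-box is computed from its definition rather than typed in.

```python
"""Added example: correlation power analysis on AES S-box output.

Pure Python; traces are simulated (Hamming weight + Gaussian noise).
"""
import random


def _gf_mul(a, b):
    """Multiply in GF(2^8) with the AES polynomial x^8 + x^4 + x^3 + x + 1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return r


def _sbox_entry(x):
    """AES S-box: multiplicative inverse in GF(2^8), then the affine map."""
    inv = 0
    if x:
        inv = 1
        for _ in range(254):              # x^254 == x^-1 in GF(2^8)
            inv = _gf_mul(inv, x)
    s = 0x63
    for k in range(5):                    # inv ^ rotl(inv,1) ^ ... ^ rotl(inv,4)
        s ^= ((inv << k) | (inv >> (8 - k))) & 0xFF
    return s


SBOX = [_sbox_entry(x) for x in range(256)]
HW = [bin(v).count("1") for v in range(256)]      # Hamming-weight lookup


def simulate_traces(n, key_byte, sigma=1.5, seed=7):
    """Constructed device: each trace point is HW(SBOX[pt ^ key]) plus
    Gaussian noise of standard deviation sigma."""
    rng = random.Random(seed)
    pts = [rng.randrange(256) for _ in range(n)]
    traces = [HW[SBOX[p ^ key_byte]] + rng.gauss(0.0, sigma) for p in pts]
    return pts, traces


def pearson(xs, ys):
    """Pearson correlation coefficient of two equal-length sequences."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    return cov / (vx * vy) ** 0.5 if vx and vy else 0.0


def cpa_rank(pts, traces):
    """Correlate the HW model for every key-byte guess with the traces.
    Returns (guesses sorted best first, their |r| values)."""
    scores = []
    for guess in range(256):
        model = [HW[SBOX[p ^ guess]] for p in pts]
        scores.append((abs(pearson(model, traces)), guess))
    scores.sort(reverse=True)
    return [g for _, g in scores], [r for r, _ in scores]


def recover_key_byte(n_traces, key_byte, sigma=1.5):
    """End to end: simulate n_traces, run CPA, return (best guess,
    its |r|, runner-up |r|) so the margin over the noise is visible."""
    pts, traces = simulate_traces(n_traces, key_byte, sigma)
    guesses, rs = cpa_rank(pts, traces)
    return guesses[0], rs[0], rs[1]


if __name__ == "__main__":
    for n in (20, 100, 500):
        g, r_best, r_next = recover_key_byte(n, 0x2B)
        print(f"{n:4d} traces: guess=0x{g:02x} |r|={r_best:.2f} runner-up={r_next:.2f}")
```

Running it shows the point made above: with a handful of traces the correct byte may not even rank first, while at a few hundred traces its correlation sits well clear of every wrong guess, because the noise averages towards zero as the count grows. Repeating the same procedure for the other 15 bytes recovers the whole AES key; nothing about the model needs to change.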
The ChipWhisperer does not just allow passive analysis: the hardware is designed to make it possible to trigger faults in the circuitry by manipulating the clock and power signals. These faults can uncover vital information in circumstances where the original circuit designers tried to remove the differences between steps in the cryptographic process.
Different forms of attack
"Glitching is where it gets very, very freaky. You might reset the chip after 200 clocks and then stop it or stop it after just half a clock in the hope that it will show something," says Fiennes.
Watchdog circuitry on a chip can detect this kind of glitching because it is so intrusive. IEMI provides a subtler way of interfering with circuitry. Peter Ateshian, a researcher at the Naval Postgraduate School in Monterey, California and also at Dutch security specialist Riscure, says: "If we can't break it we go to photons and high-energy lasers."
The doped silicon structures inside all ICs are sensitive to light at various wavelengths: photons generate carriers in the junctions, forcing transistors to conduct when they should be switched off. Such attacks have proved highly effective at disrupting the random-number generator circuits used to produce supposedly secure private keys.
"Random number generators, it turns out, we can easily defeat using a laser aimed at the backside of the chip. The generator starts to give you predictable answers," says Ateshian, adding that laser pulses synchronised to the clock frequency can force parts of the circuitry to behave differently to designers' expectations.
Another form of attack was demonstrated by researchers from Tohoku University in Sendai, Japan. This couples IEMI, typically a sine wave, onto the power supply rail to disrupt the circuitry. The attacker gradually ramps up the amplitude until the circuit's behaviour begins to change. In principle, the attack can be countered by fitting the power-supply lines with the ferrite beads used to stop interference coupling in from communications cables, but these are effective only over a limited frequency range, and the attacker can raise the frequency to get past the filter.
Later work found that the attack could be carried out at longer range than laser attacks, as long as the hacker has access to the system's power supply and to a network port. By triggering faults, the attacker could pick up information from changes in how long the victim system takes to respond to requests as the interference is ramped up.
The power supply also provides a route for another, more blunt form of attack, particularly against critical infrastructure such as the electricity supply and the railways - two key focus areas for Secret, an EU-funded research project trying to find ways to deal with the problem. Ramping up the EM intensity changes the goal from uncovering secrets to disrupting operations entirely.
The scale of disruptive IEMI attacks can vary from simply preventing someone from locking their car, so that it can be stolen later, through to large-scale disruption from a massive electromagnetic pulse emitted by a generator mounted on a UAV or on the back of a pickup truck.
October 2012 saw Boeing demonstrate an IEMI missile: the Counter-electronics High-powered Microwave Advanced Missile Project (CHAMP). CHAMP directs a microwave-frequency beam at the target building, disabling unprotected electronics inside. Unlike conventional weaponry, a successful sortie does not even end in the missile's destruction: the 2012 test had it fly for an hour, targeting several buildings, before heading to a recovery location.
Michael Caruso, director of government and specialty business development at ETS-Lindgren, estimates a truck-mounted EM weapon using readily available components "would take out a building or elements of an entire city block".
Caruso adds: "All modern electronics are highly vulnerable and as they become more compact over time the vulnerability is increasing. Many in the business of supporting critical infrastructure are not aware of the threat not only from criminals but terrorist organisations as well. Despite the presence of these groups there is a prevailing comment that comes back that it can't happen."
Protect and defend
Data centres with high-uptime requirements are beginning to look at ways to protect themselves. These installations have one advantage over other systems, such as those used in healthcare: they are sizeable but concentrated in one location. The individual computers may be protected only to an electric field strength of 10V/m and so cannot withstand the 10kV/m likely to result from a truck-mounted device being triggered. But placing them inside a welded or prefabricated metal enclosure - a more or less complete Faraday cage - will protect them effectively.
Cable-borne attacks are tougher to defend against, but it is possible to build isolation shields that reject sizeable current pulses. They are, after all, not dissimilar to those from a nearby lightning strike.
A problem when it comes to evaluating the likely effects of IEMI - at least at the comparatively low levels that may simply upset a system rather than lock it up completely - is that the results vary widely. A study by researchers from the Swiss Federal Institute of Technology, the French network and information security agency ANSSI and the Pierre and Marie Curie University, Paris, ran simulations using CST's Cable Studio software and ESI's CRIPTE before moving on to experiments to see how IEMI conducted down power cables could upset electronics. They found that the energy coupled into the system depends strongly on how the cables are attached and laid out.
This uncertainty makes it tough to gauge how well a particular system will fare against a range of attacks. The most pernicious could well be short-lived interruptions caused by someone with a portable IEMI generator sending out pulses long enough to cause reboots but so brief that they are hard to detect.
"Unlike a cyber attack where fingerprints can often be found for forensic analysis, an IEMI attack is so rapid that systems will not record the event," says Caruso.
Research is under way in another EU programme, Structures, to find ways to detect IEMI attacks. A detector developed at the University of York, the University of Applied Sciences and Arts of Western Switzerland, Leibniz University and Montena Technology could be cheap enough to use as an Internet-of-Things device, using comparatively simple and low-power electronics attached to a broadband antenna.
Although software indiscipline attracts most attacks, as that low-hanging fruit disappears, the underlying hardware could become more of a target.