Video-Based Cryptanalysis: Extracting Cryptographic Keys from Video Footage of a Device’s Power LED

Ben Nassi

Abstract:

In this talk, we present video-based cryptanalysis, a new method to recover secret keys from a non-compromised device by analyzing video footage of the device's power LED. We show that cryptographic computations performed by the device's CPU change its power consumption, which affects the brightness/color of the device's power LED. Based on this observation, we show how attackers can exploit commercial video cameras (e.g., that of an iPhone 13 Pro Max or an Internet-connected security camera) to recover secret keys from devices. This is done by obtaining video footage of a device's power LED (by filling the frame with the LED) and exploiting the video camera's rolling shutter to increase the sampling rate by three orders of magnitude, from the FPS rate (60-120 measurements per second) to the rolling shutter speed (60K measurements per second on the iPhone 13 Pro Max). The frames of the video footage of the device's power LED are analyzed in the RGB space, and the associated RGB values are used to recover the secret key by inferring the power consumption of the device from the RGB values. We will show video demonstrations of the application of two side-channel cryptanalytic timing attacks used to recover: (1) a 256-bit ECDSA key from a smartcard, by analyzing video footage of the power LED of the smartcard reader obtained via a hijacked Internet-connected security camera located 16 meters away from the smartcard reader, and (2) a 378-bit SIKE key from a Samsung Galaxy S8, by analyzing video footage, obtained via an iPhone 13 Pro Max, of the power LED of Logitech Z120 USB speakers that were connected to the same USB hub that was used to charge the Galaxy S8. Finally, we discuss countermeasures, limitations, and the future of video-based cryptanalysis in light of the expected improvements in video cameras' specifications.

Bio:

Dr. Ben Nassi is a postdoctoral researcher at Cornell Tech and an Urban Tech postdoctoral fellow. Ben investigates the security and privacy implications of the interaction between systems/algorithms and the physical world in two verticals: side-channel attacks and AI security. His research has been presented at top academic conferences, published in journals and magazines, and covered by international media. Ben has spoken at prestigious industrial conferences, and he serves as a PC member for ACM CCS (22 and 23) and Black Hat (22 and 23).

Time and Place

Monday, August 7, 12:15pm
Gates 498 & Zoom