Modern cybersecurity depends on machines keeping secrets. But computers, like poker-playing humans, have tells. They flit their eyes when they've got a good hand, or raise an eyebrow when they're bluffing—or at least, the digital equivalent. And a hacker who learns to read those unintended signals can extract the secrets they contain, in what's known as a "side channel attack.".
Side channel attacks take advantage of patterns in the information exhaust that computers constantly give off: the electric emissions from a computer's monitor or hard drive, for instance, that emanate slightly differently depending on what information is crossing the screen or being read by the drive's magnetic head. Or the fact that computer components draw different amounts of power when carrying out certain processes. Or that a keyboard's click-clacking can reveal a user's password through sound alone.
"Usually when we design an algorithm we think about inputs and outputs. We don’t think about anything else that happens when the program runs," says Daniel Genkin, a computer scientist at the University of Michigan and a leading researcher in side channel attacks. "But computers don’t run on paper, they run on physics. When you shift from paper to physics, there are all sorts of physical effects that computation has: Time, power, sound. A side channel exploits one of those effects to get more information and glean the secrets in the algorithm."
For a sufficiently clever hacker, practically any accidental information leakage can be harvested to learn something they're not suppos ..
Support the originator by clicking the read the rest link below.
