If the device puts about 1 meter around the hacked machine, it will take up to 5 minutes to get the encryption key segment. If the distance is shorter than 30 cm, the device only needs 50 seconds. Theoretically, the closer the attacker is to the target, the stronger the electromagnetic wave, the shorter the time needed to steal the encryption key.
Inside, the device works by recording electromagnetic waves exiting the computer next to it, calculating the power consumption skyrocketing.
'This is useful because part of the electricity consumption is dependent on the amount of data that the device has to handle', the researchers say, 'this is the data we exploit to get the key segment' .
Experts say they can determine cascblock where the encryption key is applied through the surge in power consumption needed to calculate, using the AES256 algorithm. Once discovered, they will move on to the next step '.
The tool is set up inside the sealed box
Now we will get the key by correlating and predicting [.] like attackers, we don't know the key [encryption] . but we can make predictions and correlations. with all 256 values available from the key segment. The value with the highest correlation will be the correct value. In this way, we only need a few seconds to guess the correct value for each byte (256 choices per byte, with 32 bytes totaling 8192 guesses). Conversely, a properly used trial and error attack with AES256 will require 2256 guesses and will never be completed.
Theoretically, the device is ready to attack network encryption devices in data centers or air-gap networks, and even regular computers.
However, the group's experiment only performed in isolated environments, where both the target and the attack tool were separate from external electromagnetic waves. It is not clear whether the attack in the real environment will produce the right result, because it will be affected by the electromagnetic waves of other surrounding devices.
Attack environment in the laboratory
This study was documented in the name of TEMPEST Attack taking AES . Van Eck Phreaking attacks were also carried out earlier in similar reports. A group of scientists from Israeli University also used a similar attack to get the encryption key from a computer in the next room, through a thin wall. Another project by Australian and Israeli researchers took encryption keys from electromagnetic waves of Android and iOS devices.