Bitcoin Forum

We demonstrate the extraction of secret decryption keys from laptop computers, by nonintrusively measuring electromagnetic emanations for a few seconds from a distance of 50 cm. The attack can be executed using cheap and readily-available equipment: a consumer-grade radio receiver or a Software Defined Radio USB dongle. The setup is compact and can operate untethered; it can be easily concealed, e.g., inside pita bread. Common laptops, and popular implementations of RSA and ElGamal encryptions, are vulnerable to this attack, including those that implement the decryption using modern exponentiation algorithms such as sliding-window, or even its side-channel resistant variant, fixed-window (m-ary) exponentiation.

We successfully extracted keys from laptops of various models running GnuPG (popular open source encryption software, implementing the OpenPGP standard), within a few seconds. The attack sends a few carefully-crafted ciphertexts, and when these are decrypted by the target computer, they trigger the occurrence of specially-structured values inside the decryption software. These special values cause observable fluctuations in the electromagnetic field surrounding the laptop, in a way that depends on the pattern of key bits (specifically, the key-bits window in the exponentiation routine). The secret key can be deduced from these fluctuations, through signal processing and cryptanalysis.

Excerpt from the paper https://www.tau.ac.il/~tromer/radioexp/


Source: http://bgr.com/2015/07/08/hacking-tools-pita-encryption-keys-radio-waves/

If what they claim is true, no electronic storage for private keys are safe anymore. Paper wallet unaffected :)

This was already linked in the forums... As for paper wallets, they are still not safe if the device captures readings from a printer.

That's really shocking. I really hope the researchers don't sell it to intelligence agencies anytime soon... Hopefully, countermeasures will be developed that make this kind of attack unfeasible.

If what they claim is true, no electronic storage for private keys are safe anymore. Paper wallet unaffected :)

Countermeasure is already there. You need to keep your electronic device containing your private key inside Faraday Cage (https://en.wikipedia.org/wiki/Faraday_cage).

None of these things effect _storage_; they potentially effect key generation and signing. When the key is at rest, no issue.  All of the "paperwallet" utilities I've seen are _highly_ vulnerable to sidechannel attacks. Worse, many are just webpages which are vulnerable to a littany of additional attacks.

Meanwhile, Bitcoin core is already hardened against this sort of thing.


It often seems to be the case that people spread FUD around fringe concerns with recommended actions that would actually make people less safe. One of the great mysteries of Bitcoin.

How would this affect the hardware wallets? Considering you need the unique chip to be inserted to access coins, wouldn't something like a Ledger wallet be safe or safer at least?

Thanks for the clarification. But, it is not nice to argue that PaperWallets are unsafe just to back up electronic storage. PaperWallets are not supposed to be generated online and offline generations are quite safe. If someone dowaloads bitaddress.org source code from Github and generates PapaerWallet in an offline (which I assume is not in the vicinity of this new gadget), then what is wrong with it ?

It is all over for cryptos based on this technology.

My take is that you would have to be James Bond to pull it off.

After reading this, I had a scary thought: what if hardware wallet companies made this technology easy to obtain and use, allowing anyone to compromise wallets on devices such as laptops, and in turn forcing Bitcoiners to purchase a Trevor or something similar.