TEMPEST Attacks Against AES

Side-channel attacks can recover secret keys from cryptographic algorithms (including the pervasive AES) using measurements such as power use. However, these previously-known attacks on AES tend to require unrestricted, physical access to the device. Using improved antenna and signal processing, Fox-IT and Riscure show how to covertly recover the encryption key from two realistic AES-256 implementations while:

1. Attacking at a distance of up to 1 m (30 cm in realistic conditions; “TEMPEST”),
2. Using minimal equipment (fits in a jacket pocket, costs less than €200) and
3. Needing only a few minutes (5 minutes for 1 m and 50 seconds for 30 cm.) To the best of our knowledge, this is the first public demonstration of such covert attacks from a distance.

📊 Slides | 🌍 Event | 🎥 Video