This Palm-Sized Bug Wirelessly Steals Laptop Crypto Keys

By Jamie Condliffe on at

This self-contained snooping device can steal data from laptops within 50 centimetres of it, sniffing out information based on the radio waves that leak from processors as a result of their variations in power use. And, as its designers point out, it’s small enough to fit inside a pitta bread.

Developed by researchers from Tel Aviv University and Israel’s Technion research institute, the device is built from components that total less than £200. While it uses techniques that have been demonstrated in the past (researchers have long known that the signals emitted by processors as they churn through calculations can be hijacked in order to obtain information) the team points out that it’s the smallest, cheapest implementation to date.

The Portable Instrument for Trace Acquisition — PITA for short — is fairly simple: a wire loop constitutes an aerial, while a Rikomagic controller chip and Funcube software-defined radio provide the brains. It can store its eavesdroppings to an on-board SD card or beam them via Wi-Fi to a nearby computer. The team were able to shrink the system down to this scale by only sampling the signals emanating from a nearby computer intermittently as opposed to continuously, allowing the batteries to last far longer.

This $300 Palm-Sized Bug Wirelessly Steals  Laptop Crypto Keys

So far, the team has show that that the device can be used to extract encryption keys stored by GnuPG — a version of the PGP encryption system — but it should in theory work with others, too. And while ensuring such a piece of hardware can be placed within half a metre of a laptop may sound difficult, at least it’s small enough to be secreted inside an innocuous-looking disguise. We’ll always be far more sceptical of nearby felafel sandwiches in the future. [Scribd via Wired]