The perfect operating system does not exist and it is practically impossible to create one that is 100% secure. Recently, security researchers have managed to carry out a attack on iOS and Android devices which successfully steal cryptographic keys used to protect Bitcoins, Apple Pay accounts, and other high-value assets. The exploit It is what cryptographers call a non-invasive side channel attack and it works against the Elliptic Curve Digital Signature Algorithm, an encryption system widely used because it is much faster than many other encryption systems.
The attack works putting a probe near a device mobile while doing cryptographic operations, at which point an attacker can measure enough magnetic emanations to fully extract the secret key that identifies the end user's data or end transactions. In addition, it can also be done if you have physical access to the terminal, in this case by connecting an adapter to the USB charging cable.
An attacker can measure these physical effects non-invasively using a $ 2 magnetic probe placed near the device, or with a makeshift USB adapter connected to the phone's USB cable and a USB sound card. With these measures, we were able to fully extract OpenSSL and CoreBitcoin secret signature keys on iOS devices. We also show partial key output from OpenSSL running on Android and CommonCrypto on iOS.
Android is also vulnerable to this attack
iOS 9 is no longer vulnerable This attack due to added security in the new version that prevents side channel attacks, but even users who have the latest version of Apple's mobile operating system installed can be in danger depending on the third-party application that we use. One vulnerable iOS application is CoreBitcoin, since it uses its own cryptographic implementation and not the iOS CommonCrypto library. CoreBitcoin developers told the researchers that they planned to replace their current crypto library with one that is not vulnerable to this attack. The latest version of Bitcoin Core is out of the woods.
On the other hand, the researchers also said that they managed to partially extract the key from an Xperia X10 with Android, but they assured that they could do so and cited another team of researchers who found a similar vulnerability in Android version from the BouncyCastle crypto library.
But do not spread panic. Although they explain that it can be done by being near a device when using one of the vulnerable applications, we cannot say that it is easy to do everything necessary to extract these keys. The normal thing would be that they have physical access to the device, something similar to all the ways of "hacking" the device. touch ID that exist. Of course, as always, the best thing in terms of security is to always have the latest version of the operating system used by our device installed.
