用很簡單的設備透過 Side Channel 攻擊取得 ECDSA private key:「ECDSA Key Extraction from Mobile Devices via Nonintrusive Physical Side Channels」。這次 Side Channel 只需要簡單的線圈,透著一塊玻璃也 okay:
文章裡面提到是 Tracker Pre,查了一下二手價是 USD$80:
這邊抓出了 ADD 產生出的訊號:
然後就可以利用這些訊號重建出 private key:
After observing the elliptic-curve DOUBLE and ADD operations during a few thousand signatures, the secret signing key can be completely reconstructed.
下面中獎的 library 有點多,可以看到主要是以 constant-time implementation 或是 side-channel mitigation technique 來解這個問題。