According to a new research, digital data, mostly financial, is under threat on Android and iOS phones since the crypto keys used with Bitcoin wallets and Apple Pay can be stolen. A cryptographic (crypto) key is the core part of cryptographic operations used commonly in digital asset transactions where a variable data is provided as input to a cryptographic algorithm to execute a specific operation.
The non-invasive attack can be conducted by merely placing a magnetic probe in the proximity of the device or using a power tap on the USB charging cable. It does not require any malicious software to be installed on the device or opening the device’s case to interfere with hardware. The attack may seem as a minor one, however, a stolen crypto key could result in the loss of the financial data of the victim. The researchers made this statement in their blog post about the topic:
“An attacker can measure these physical effects using a $2 magnetic probe held in proximity to the device, or an improvised USB adapter connected to the phone’s USB cable, and a USB sound card. Using only such measurements, one can fully extract secret signing keys.”
The attacked cryptographic algorithm,