The Taub Faculty of Computer Science Events and Talks

In this talk, I will present a journey that started three years ago at the intersection between light leakage and information confidentiality. In the first part of the talk, I will present the topic of electro-optical speech eavesdropping which is based on three methods we developed to recover speech from light emitted from light bulbs (Lamphone USENIX Security 22), power LEDs of speakers (Glowworm Attack CCS 21), and from light reflected from shiny ornaments and objects (The Little Seal Bug - BH Asia 22). We will discuss the threat model and its significance with respect to related works, and hear speech recoveries from light measurements (obtained by a photodiode) 25-35 meters away. In the second part of the talk, I will present visual cryptanalysis, a new method to recover secret keys of three different cryptosystems (RSA, ECDSA, and SIKE) by obtaining optical traces from power LEDs of various devices (Galaxy S8, card reader, Raspberry Pi) that run common cryptographic libraries (GnuPG, Libgcryipt, and PQCrypto-SIDH), using a photodiode located 25 meters away. We will discuss the new threat model and its significance with respect to related works, and understand the origin of the vulnerability. At the end of the talk, I will present an ECDSA key recovery of a smart card using a video taken by a security camera placed 2.5 meters from the power LED of a card reader by exploiting the rolling shutter of video cameras. Bio: Dr. Ben Nassi is a postdoctoral researcher in the Software and Information Systems Engineering department at the Ben-Gurion University of the Negev and soon to be a postdoctoral researcher at Cornell Tech. He is interested in building robust systems and investigating the security and privacy of cyber-physical systems (drones, semi-autonomous cars) and hardware/devices (microcontrollers, smartphones, smart cards) in the topics of side-channel attacks, AI robustness, and applied cryptography using signal processing and machine learning techniques. His research has been presented at top academic conferences (S&P, CCS, USENIX Security, UbiComp) published in journals (IEEE TIFS, MDPI Sensors) and Magazines (IEEE Computer, Communications of the ACM), and covered by international media (Wired, ArsTechnica, Motherboard, Forbes, The Washington Post, Bloomberg, Business Insider). Ben has spoken at prestigious industrial conferences (Black Hat Asia and USA, RSAC USA, AI Week, CodeBlue, SecTor, and CyberTech) and he serves as a PC member in ACM CCS (22 and 23) and BlackHat (22 and 23). His research entitled him to the BGU Dean Award for excellence in Ph.D., and two nominations for the Pwnie Award.