Have you read the paper yet? You might be interested in figures 7-9, which show spectrographic measurements of exactly what you're claiming is impossible. Sections 4 and 5 go on to describe how you can use these measurements to get fairly accurate timing information about individual RSA key operations. What you seem to be missing is that, even though the audio bandwidth isn't nearly high enough to resolve individual CPU instructions, aggregated timing measurements can still leak a substantial amount of information. This is well-established in the crypto literature, and it's now standard practice to write code robustly to this sort of attack by making the timing data-independent.
As a side note: it's not clear to me what being an "SMPTE committee member" entails, or why it confers any special expertise about cryptographic side-channel attacks. I only point that out because you've mentioned it in two separate comments now, and I don't see why it's relevant.
SMPTE in this case is relevant because the claims aren't defensible under the rules of physics. You can't push the stuff they are claiming through air, or with microphones. There is one claim in there about the capacitance of a human that I can't provide counter claims for, because I really don't know, but basically you can't move the kinds of data they are talking about via air, sound, and mic cables.
Once you realize that doesn't work everything else is irrelevant.
If you can name a single specific claim that you don't think is defensible, I might be inclined to take your argument more seriously. But so far, everything you've said is a vague generality that continues to support my theory that you haven't read the paper and don't understand the method being described.
The claim that there is a significant difference in the emitted sound from a capacitor based on the value of an RSA key may or may not be true.
That that sound is significant enough that you can use a microphone to pick it up from a distance greater than a fraction of an inch is implausible.
That the sound difference is such that it can be captured with any of the setups pictured in the paper is impossible. There are systems designed for frequency isolation that do megahertz sampling rates which you could convince me are capable of reading the 1's and 0's out of a 286. At the frequencies of modern electronics, that is simply not possible.
> That the sound difference is such that it can be captured with any of the setups pictured in the paper is impossible. There are systems designed for frequency isolation that do megahertz sampling rates which you could convince me are capable of reading the 1's and 0's out of a 286. At the frequencies of modern electronics, that is simply not possible.
They are claiming to pick up a rather large algorithm change in code that runs for dozens of milliseconds to extract a single bit. A loop taking a bit over 26 vs. a bit over 28 microseconds in the example (or something reasonably close to that description). Why would this need such high-end equipment to pick up?
That's a claim that the authors aren't making. As has been repeatedly pointed out, the attack depends on timing the execution of blocks of code which take much longer than a single instruction, so the 44.1kHz sampling rate described in the paper is sufficient.