On Thu, 11 Mar 2010, erythrocyte wrote:
With the recent news of researchers being able to crack 1024-bit RSA
keys using power fluctuations, I was wondering if it would be a good
idea to switch the RSA keys I have to some other algorithm. Both my
signing and encryption keys are 4096-bit keys. Am
On 3/11/2010 3:29 PM, Dan Mahoney, System Admin wrote:
On Thu, 11 Mar 2010, erythrocyte wrote:
Ref:
http://www.engadget.com/2010/03/09/1024-bit-rsa-encryption-cracked-by-carefully-starving-cpu-of-ele/
Okay, let me sum up this article for you:
Researchers who had physical enough access to
Alrighty. But doesn't this compromise the layer of security offered by
the passphrase? What's the point having a passphrase at all, if it's so
easy to compromise a private key?
You might as well ask, what's the point of OpenPGP at all, if it's so easy to
Van Eyck your monitor? Or, if it's so
erythrocyte wrote:
On 3/11/2010 3:29 PM, Dan Mahoney, System Admin wrote:
On Thu, 11 Mar 2010, erythrocyte wrote:
Ref:
http://www.engadget.com/2010/03/09/1024-bit-rsa-encryption-cracked-by-carefully-starving-cpu-of-ele/
Okay, let me sum up this article for you:
Researchers who had physical
On Mar 11, 2010, at 3:39 AM, erythrocyte wrote:
With the recent news of researchers being able to crack 1024-bit RSA
keys using power fluctuations, I was wondering if it would be a good
idea to switch the RSA keys I have to some other algorithm. Both my
signing and encryption keys are
On 3/11/2010 9:13 PM, Robert J. Hansen wrote:
OpenPGP assumes the endpoints of the communication are secure.
If they're not, there's nothing OpenPGP can do to help you make it
secure.
...All tools have preconditions: the existence of a precondition doesn't mean
the tool is broken.
The
On 3/11/2010 9:15 PM, David Shaw wrote:
Basically, no, and for several reasons. There are a few things that need to
be understood about the new attack. Briefly, this is an attack that relies
on manipulating the power supply to the CPU, in order to cause it to make
errors in RSA