On Wed, Mar 10, 2010 at 09:27:06PM +0530, Udhay Shankar N wrote:
> Anyone know more?
> http://news.techworld.com/security/3214360/rsa-1024-bit-private-key-encryption-cracked/

My initial reaction from reading only the abstract and parts of the
introduction is that the authors are talking about attacking hardware
that implements RSA (say, a cell phone) by injecting faults into the
system via the power supply of the device.

This isn't really applicable to server hardware in a data center (where
the power, presumably, will be conditioned and physical security will be
provided, also presumably) but this attack is definitely applicable to
portable devices -- laptops, mobiles, smartcards.

> "The RSA algorithm gives security under the assumption that as long as
> the private key is private, you can't break in unless you guess it.
> We've shown that that's not true," said Valeria Bertacco, an associate
> professor in the Department of Electrical Engineering and Computer
> Science, in a statement.

They're not the first ones to show that!  Side-channel attacks have been
around for a while now.  It's not just the algorithms, but the machine
executing them and its physical characteristics that matter.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com

Reply via email to