On 9/03/13 18:30 PM, Tanja Lange wrote:
Dear Ian,
Has anyone done any side channel analysis on phones?
On the constructive side you might want to check out NaCl for ARM (best
with NEON), e.g.
http://cryptojedi.org/crypto/#neoncrypto
which avoids all software side channel attacks. Not sure how you would
avoid cache attacks in Java.
Cryptographic Research has a demo attacking cell phones running slow
crypto (Java) by electromagnetic radiatiion, see
http://www.youtube.com/watch?v=4L8rnYhnLt8
OK, interesting. One thing I did not understand here was that the
speaker said that at one point that it didn't matter if there was a mode
employed like CBC, and at another point he was stating that he needs
e.g. 10,000 or similar usages of that one key. Which is it?
Attacking fast (good) implementations is a lot harder but wee're looking
into it.
so I'm looking for a fast (good) implementation of Java crypto :) (As
mentioned earlier, the open apps world is pretty much limited to pure
software.)
What was fairly impressive was that he was reading the ECC key directly
from the oscilloscope from one scan of the radio signal.
All the best
Tanja
thanks, iang
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
