On 11/03/2015 05:25 am, Peter Gutmann wrote:
> ianG <[email protected]> writes:
>
>> "We will also describe and present results for an entirely new unpublished
>> attack against a Chinese Remainder Theorem (CRT) implementation of RSA that
>> will yield private key information in a single trace."
>>
>> An actual cryptography breach! Outstanding if true...
>
> No, just a DPA attack, you've only quoted the last part of the full paragraph,
> which is about DPA attacks.
>
> (Before I read the full report my reaction was "they specifically mentioned
> RSA CRT, it's either a fault attack or DPA", because if the attack description
> includes "RSA CRT" then it's a sure sign that it'll be one of those two).
Oh, I see. Right, that makes sense: they say "implementation", so there is
something fishy about the code.

OK, something to put on the list of things to do the constant-time
makeover on, or at least the "don't leak bits" pass over.

Maybe a summer internship for a student?

/me musing on the likely context of attacking the CRT ... suggests they have
already breached the inner perimeter to do measurements, know when
the key is being made, and can run their evil listener.
iang
PS: Note their pride in expressing the "entirely new unpublished attack"
... for those who are questioning where the NSA is wrt the open source
world, such snippets tell us we're not that far away.
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography