Tuesday, March 9, 2010

1024bit RSA cracked in 100 hours. What is coming next?

Here is a very technical read on the attack used on RSA http://www.eecs.umich.edu/~valeria/research/publications/DATE10RSA.pdf. I made it about half way though, see how far you can go... lol. Anyways the summary is by messing with the voltage supply they are able to introduce single bit errors into the RSA algorithm, then they can take these bad outputs and analyze them to reveal the secret key.

They are able to do this without modifying or accessing the internal system components. So in effect the attack leaves no signs of tampering. They performed this particular attack against linux and OpenSSL.

WOW. Just remember security isn't about how strong your front door is.

No comments:

Post a Comment