-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 20/12/13 10:28, Mike Cardwell wrote:
I have a V2 OpenPGP SmartCard. I'm wondering if this would be vulnerable to
the attack in question? Also, what about the Crypto Stick? Presumably these
generate the same sort of noise during
Werner == Werner Koch w...@gnupg.org writes:
On Wed, 18 Dec 2013 18:31, sys...@ioioioio.eu said:
Here, we describe a new acoustic cryptanalysis key extraction attack,
applicable to GnuPG's current implementation of RSA. The attack can
Well that is what I posted a few hours ago
On Thu, 19 Dec 2013 17:54, o...@mat.ucm.es said:
Since you are mentioned in this webpage, do you know by any chance
whether gpgsm is vulnerable in a similar way?
gpgsm uses Libgcrypt and Libgcrypt employs RSA blinding for a long time
now. Thus it is not vulnerable. The reason Libgcrypt has
Here, we describe a new acoustic cryptanalysis key extraction attack,
applicable to GnuPG's current implementation of RSA. The attack can
extract full 4096-bit RSA decryption keys from laptop computers (of
various models), within an hour, using the sound generated by the
computer during the
On Wed, 18 Dec 2013 18:31, sys...@ioioioio.eu said:
Here, we describe a new acoustic cryptanalysis key extraction attack,
applicable to GnuPG's current implementation of RSA. The attack can
Well that is what I posted a few hours ago to this list ;-).
Salam-Shalom,
Werner
--
Die