On Wed, Mar 10, 2010 at 09:27:06PM +0530, Udhay Shankar N wrote: > Anyone know more? > > http://news.techworld.com/security/3214360/rsa-1024-bit-private-key-encryption-cracked/
My initial reaction from reading only the abstract and parts of the introduction is that the authors are talking about attacking hardware that implements RSA (say, a cell phone) by injecting faults into the system via the power supply of the device. This isn't really applicable to server hardware in a data center (where the power, presumably, will be conditioned and physical security will be provided, also presumably) but this attack is definitely applicable to portable devices -- laptops, mobiles, smartcards. > "The RSA algorithm gives security under the assumption that as long as > the private key is private, you can't break in unless you guess it. > We've shown that that's not true," said Valeria Bertacco, an associate > professor in the Department of Electrical Engineering and Computer > Science, in a statement. They're not the first ones to show that! Side-channel attacks have been around for a while now. It's not just the algorithms, but the machine executing them and its physical characteristics that matter. Nico -- --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com