Researchers Find Way To Zap RSA Algorithm

alphadogg writes "Three University of Michigan computer scientists say they have found a way to exploit a weakness in RSA security technology used to protect everything from media players to smartphones and e-commerce servers. RSA authentication is susceptible, they say, to changes in the voltage supply to a private key holder. While guessing the 1,000-plus digits of binary code in a private key would take unfathomable hours, the researchers say that by varying electric current to a secured computer using an inexpensive purpose-built device they were able to stress out the computer and figure out the 1,024-bit private key in about 100 hours – all without leaving a trace. The researchers in their paper outline how they made the attack (PDF) on a SPARC system running Linux."

Like lead pipe cryptanalysis...

[Anonymous Coward]

...whether interrogating a human or a computer, apparently it is a simple matter of voltage.

Re:

[Jurily]

You, sir, win this thread. Congratulations.

Obligitory XKCD.

[toastar]

Just use Social Engineering [xkcd.com]

Re:

[OzPeter]

Rubber hose.

To the back of the thigh.

10 seconds.

100 pesos.

Since when did slashvertisments start to include BDSM offers?

Article == Summary

[fishwallop]

The only thing the article "ads" to the summary posted here is a pretty splash screen, which in my case tried to sell me SQL Server.

Re:Article == Summary

[Sir_Lewk]

A first poster that actually RTFA? What the hell is slashdot coming to?!?

He's right though, skip TFA and just read the linked PDF if you want more details.

Re:

[wizardforce]

There are two articles, one is mostly worthless. The other is a PDF which is actually much more informative. The attack focuses on the implementation of RSA in OpenSSL and uses a cluster of processors to carry out the attack. All in all TFA notes that about a year of computing time is actually required to extract the key. The voltage manipulation causes faults which are used to extract the key after quite some time.

Re:

[poetmatt]

and the only thing it lacks is that all of this is basically impossible under FIPS 140-2 on level 4 products. [wikipedia.org] Notice how it talks about voltage sensitivity. Meanwhile FIPS 140-3 is on it's way, and from level 4 on involves this.

I myself don't know how widespread using level 1-3 devices is, however.

Re:Article == Summary

[electrostatic]

A very pertinent comment.

Level 4

Security Level 4 provides the highest level of security.

At this security level, the physical security mechanisms provide a complete envelope of protection around the cryptographic module with the intent of detecting and responding to all unauthorized attempts at physical access.

Penetration of the cryptographic module enclosure from any direction has a very high probability of being detected, resulting in the immediate zeroization of all plaintext CSPs.

Security Level 4 cryptographic modules are useful for operation in physically unprotected environments. Security Level 4 also protects a cryptographic module against a security compromise due to environmental conditions or fluctuations outside of the module's normal operating ranges for voltage and temperature. Intentional excursions beyond the normal operating ranges may be used by an attacker to thwart a cryptographic module's defenses. A cryptographic module is required to either include special environmental protection features designed to detect fluctuations and zeroize CSPs, or to undergo rigorous environmental failure testing to provide a reasonable assurance that the module will not be affected by fluctuations outside of the normal operating range in a manner that can compromise the security of the module.

Re:

[Brian Gordon]

When the summary is taken straight from the article, it's a good idea to at least link to them..

Oh well...

[judolphin]

Just means it's time to break out the megabit keys!

"overclocking" machines vulnerable

[Animats]

Machines where software can alter the CPU voltages and clock speeds for "overclocking" purposes may be especially vulnerable to this attack. "Advanced power management" may also offer an attack vector.

Also worry about Intel's Nehalem architecture, where there's a small CPU dedicated to power, clock, and thermal management. Access to that allows detailed control over power.

Re:"overclocking" machines vulnerable

[pegr]

"the researchers say that by varying electric current to a secured computer"...

Um, if they have physical access to the computer (in order to monkey with the power), why would it be considered secure?

Re:"overclocking" machines vulnerable

[Ignorant Aardvark]

Um, if they have physical access to the computer (in order to monkey with the power), why would it be considered secure?

This vulnerability is dangerous in the case when the same key is being used in many devices. Cracking one means you've cracked them all. This is a fairly common situation in consumer devices. See the HD-DVD player keys, or the TI graphing calculator signing keys.

Re:

[MichaelSmith]

I used to do something like this with a 6502 and an AM radio.

Re:

[khellendros1984]

RSA is an asymmetric encryption algorithm. If you have access to the public key, you can factor it (the hard part), and calculate the signing key based on that.

In these schemes, encryption and signing use the same mathematical operation. For signing, the signer encrypts the message with their own private key, so only their public key can decrypt the message. For encryption, the message is encrypted with the public key of the intended recipient, so that only the recipient's private key can be used to retri

Re:

[dunng808]

There is sufficient information in the public key to generate the private key (and it relies on multiplying together two large prime numbers). If the public key can be factored, then you have the two primes from the private key, and you can derive the private key. This is inherent to this encryption system, and it's why it's so important that you use large keys.

To me this sounds absolutely wrong. AFAIK (which isn't much) there is nothing is one key that can be used to generate the other. Please site a refe

Re:

[Captain Segfault]

There is nothing, as far as we know, short of factoring a number that is a component of both the private and public keys.

If you can factor that number you can very easily generate the private key from the public key. The point is that it's important to pick a number which is sufficiently large as to be impossible to factor with current technology.

Re:

[gringer]

if they have physical access to the computer (in order to monkey with the power), why would it be considered secure?

You've got me stumped. Perhaps you should ask the companies who make these media players, smartphones, and other devices that use RSA. While you're at it, could you please also ask the same question to the companies who distribute digital files for use on these devices?

Re:"overclocking" machines vulnerable

[pz]

"the researchers say that by varying electric current to a secured computer"...

Um, if they have physical access to the computer (in order to monkey with the power), why would it be considered secure?

The faults described by the paper are so ... what's the word ... specialized that it challenges believability. Not only does the attacker have to have physical access -- and likely pretty good physical access -- they have to know precisely when the encryption algorithms are being performed so that the faults can be induced then and only then otherwise the operation of the computer will be compromised. Furthermore, the faults must be induced at a reasonable, but not too great, rate, and at randomly varying times in the computation, so as to explore the full error space and have insight into the keys. And the computations have to be repeated MANY times over in order to extract enough information. So, not only do attackers have to know exactly, to the microsecond, when the system under attack is computing the RSA algorithm, they also have to be able to vary the voltage to the CPU. Their physical proof of concept, as much as it is described in the paper, is contrived. Their assertion that the technique does not require physical access is wholly unsupported. Color me skeptical. Anyone with this level of access is going to be able to do more than trigger faults.

The paper asserts that the probes can be done without leaving any trace. I don't know about the authors, but the voltages on my computers are monitored by software and excursions logged so that I can know if/when there are problems. Since the RSA-breaking technique requires substantial exploration of the response to voltage tweaks, it is likely to be detected by a decent monitoring program.

Finally, the PDF does not carry any publication information suggesting strongly that it describes work that is not peer-reviewed. It is shoddy science to bypass peer review and release to the general public.

Re:

[lgw]

Cryptographic "breaks" are almost never useful attacks in the real world. They are merely ways to make it slightly easier to get to the plain text, in some case. These accumulate over time, and eventually you retire an algorithm because it seems like in just a few more years a practical break might happen.

Product-of-prime-numbers asymmetric encryption (what some people call RSA encryption) has been deprecated by the NSA for new systems for about 5 years now.

Re:

[arethuza]

Yeah - that would be pretty interesting. Presumably the only reasonable inference that could be made if the NSA have deprecated RSA-style crypto is that they suspect/know that it has some real flaws that are much more serious than the type described in this article.

Re:

[snemarch]

I'm guessing here, but probably elliptic curve crypto.

Re:

[marcansoft]

It's "physical access" beyond most would even dream of... SPARC sounds like they're using an off-the-shelf computer system. They aren't. They downloaded the open source SPARC core (as in the source code to the CPU itself) and implemented it as a soft-processor in an FPGA chip. They're basically using their own custom computer system, with complete control and the ability to know exactly how it works, down to the deepest logic in the CPU.

Call me when they implement this on an off-the-shelf secure embedded sy

Re:

[marcansoft]

The PS3 attack was very obvious (i.e. the hypervisor lives in external memory, essentially unsecured), and the Cell chip is fairly well documented itself. That's breaking security by obscurity (where obscurity is the high-speed memory bus), and isn't really comparable to what this article talks about. Also, it doesn't rely on tweaking CPU voltage to produce internal errors, but rather on glitching the memory bus. This is a lot easier, and has a (small - the PS3 hack as performed by geohot is highly unpredic

Re:

[ToasterMonkey]

Um, if they have physical access to the computer (in order to monkey with the power), why would it be considered secure?

Because it's in a locked sheet metal box that makes every attempt to purge sensitive key material if tempering is detected?

No they are not

[Chemisor]

When you overclock, you always have to check system stability at each level you try. Most people run some CPU stress program and see if it crashes or gives the wrong results. If you get any faults, your CPU can't handle the overclock and you have to try a lower frequency. As long as you apply this procedure properly, you won't have any faults. You most certainly won't get any predictable amount of faults. Now, the researchers could do it because they only ran OpenSSL on their hardware. If you tried that on

Re:

[marcansoft]

Also, Intel chips, like Nehalem, actually have voltage converters on the chip which change 12V and 5V inputs to the 1.5V or so that the CPU needs. So your Core i7 system is quite safe against this attack. (Yes, it overclocks. See above)

Nope. The 12V to 1.xV converters are always on the motherboard (right next to the CPU). Modern CPUs might have smart power switching, but they definitely don't have on-board regulators. DC-DC voltage conversion requires large inductors, which you can't get on a chip anyway, a

Re:

[Weezul]

Intel's Nehalem chips are vulnerable to far easier and speedier attacks using their HTT technology, plus HTT attacks do not require rooting the machine.
http://www.daemonology.net/papers/htt.pdf

Could this be considered...

[ravenspear]

...electronic torture?

We can just declare this method in violation of the computer's rights and solve the problem easily!

Re:Could this be considered...

[Bakkster]

...electronic torture?

Wattage-boarding

Re:

[bluesatin]

This isn't much use for LAME as it's open source, you can just grab any information you want off SourceForge.

Changing the voltage supply req. HW access, right?

[anss123]

In what kind of scenario would you have access to the PSU of the server you attacked? Private key servers should not be directly accessible after all.

Re:

[Anonymous Coward]

In what kind of scenario would you have access to the PSU of the server you attacked?

E.g. Hosted data center

Re:

[interval1066]

Kinda reminds me of the TrueCrypt attack that made a splash a couple of years ago in which the attacker can compromise an encrypted partition by obtaining possession of the host hardware right after a power-down, getting inside the chassis and spraying down the RAM DIMMS with an inverted can of air so as to cool them down to slow the entropy of the down-powered chips; the attacker then has to create and analyze the leftover ram images with his own hardware and pull the encryption key out of that mess. As th

Re:

[ircmaxell]

Not quite. The voltage that was varied was the 1.5v CPU voltage. This is regulated on the motherboard (The PSU on the computer supplies +3.3v, +5v, -12v and +12v). So to execute this attack, you'd either need access through the bios to the CPU voltage control, or to physically tamper with the voltage regulator module present on server motherboards (Destop motherboards typically have this integrated instead of socket fit making it a lot harder to tamper with). Since both contain voltage regulators, simpl

Re:

[Andy Dodd]

Also, this is an attack against software running on the host CPU (OpenSSL in the paper) - most likely, 95%+ of OpenSSL implementations on datacenter servers are storing the key on the hard drive, not in a TPM.

Re:

[ircmaxell]

Well, it doesn't matter where the key is stored. The key must be read in order to be processed. So at some point in time the appropriate parts of the key must be in the CPU (since it needs to do math against the bits of the key to produce the signature), hence why the attack vector exists...

Re:

[ToasterMonkey]

Which proves parents point, if the key is stored in drive, why go this length to fetch it since you simply can read it off the drive...

HW crypto appliances (a glorified PC server booting off a CD with a black box PCI card) don't have harddrives.

A hand rolled software crypto server might not either, and probably isn't anal about input voltages unlike the expensive appliance.

The point is cheaping out on your crypto system has measurable risks.

Re:

[lgw]

FIPS 140-2 level 3 requires zeroing of the key upon tamoer detection, but not detection of voltage or temperature abnormalities (those are level 4). This attack would be interesting against such a device.

Re:Changing the voltage supply req. HW access, rig

[fuzzyfuzzyfungus]

Probably much more threatening(though, frankly, that pleases me) to DRMed embedded systems and similar gear that is supposed to be "secure" vs. its immediate environment; but is also in the hands of the public in huge quantities.

Yeah, if I can break into your datacenter and clamp some crazy widget onto the (presumably multiple) lines supplying your server's PSUs, a clever voltage attack is not the biggest of your problems.

If, on the other hand, you can guess the private crypto keys out of a DRMed PMP just by clipping a 15 dollar device from some shady mod-chip vendor to the recharging port and waiting a few days, heads will roll. There are a lot of devices these days that are designed to keep keys secret from the owners of the hardware. Particularly for common ones, voltage attack devices might well become fairly common advanced hobbyist and/or grey market items...

Re:

[afidel]

Yeah my first thought was ATM's =)

Re:Changing the voltage supply req. HW access, rig

[metamatic]

Sadly, most DRM-crippled hardware isn't going to have the private keys inside. For example, the PS3 and Wii will only have the public keys in the hardware so that they can check signatures on code. The private keys will be on hardware somewhere inside Sony and Nintendo, and presumably carefully guarded from unauthorized access.

Re:

[Andy Dodd]

A similar sidechannel attack might be usable to extract such information though.

Re:Changing the voltage supply req. HW access, rig

[daniel de graaf]

Depends on what the DRM is trying to protect. Music players, video players for downloadable content, and basically anything where the content isn't tied to a physical object like a game disc will need a private key of some kind to encrypt the data on their volatile storage. While most of this will probably be done using symmetric encryption, you still need some way for the server that hands out the content to prove that it is a real device and not an emulated device, and that's normally done with a locally stored private key.

Re:

[daniel de graaf]

This attack is relevant when you are trying to extract the private key of something like a TPM, in order to defeat the DRM protections it is trying to provide, or decrypt the drive whose key it is holding.

Re:

[owlstead]

TPM chips and certainly high end smart card chips are protected against this kind of attacks using the power source. You certainly cannot get a Common Criteria certification if you don't protect against these kind of side channel attacks. Of course, for consumer CPU's there' no CC certification or protection measures like these.

Re:

[benjamindees]

DRM, smart-cards, cable/tv access boxes, media players, stolen laptops, etc

Probably not e-commerce servers exactly, but you never know depending on the physical security of your datacenter. And with DRM, of course, the purpose is to lock you out of equipment to which you have physical access.

Re:

[sjames]

When the 'server' is a chip on a smart card and the 'PSU' is your POS terminal.

Re:

[Hatta]

When you're the government.

Re:

[pclminion]

In what kind of scenario would you have access to the PSU of the server you attacked?

I don't know, how about a world where you've arrested a political dissident and you want to obtain his/her private key, and he/she refuses to hand it over?

Re:Changing the voltage supply req. HW access, rig

[ToasterMonkey]

In what kind of scenario would you have access to the PSU of the server you attacked? Private key servers should not be directly accessible after all.

Uh, like the scenario where you're a bank's IT admin and you're trying to steal PIN encrypting keys?
BTW, you should require direct access to load or change keys if you know what's good for you.

Hardware crypto devices already tackle these problems, this research is further justification for them.

xkcd already did it cheaper

[snarfies]

Rather than apply electrical current to a key holder, wouldn't it be easier and cheaper to apply a $5 wrench? [xkcd.com]

Re:

[wall0159]

If I only ever saw XKCD via /. I'd swear there were only about 10 cartoons!

Re:

[andi75]

Maybe there's only about 10 *good* cartoons...

Re:

[BitZtream]

Naw, as the alt text says, you won't find a $5 wrench anymore :/

Re:

[Old Man Kensey]

A free hunk of wood or metal found laying around outside is just as good for these purposes as a wrench of any type. Plus most people have a tire iron in their trunk, that's basically "free" since it costs you nothing to dig out and apply vigorously.

Re:

[SQLGuru]

It's all in where you look: http://www.harborfreight.com/cpi/ctaf/displayitem.taf?Itemnumber=39642 [harborfreight.com]

For the purposes expressed in the comic, the above wrench should be more than adequate. Granted it might not hold up long, but it'll get the job done. YMMV

Re:

[zill]

Shipping is $6.99 unfortunately.

Re:

[SQLGuru]

There's a Harbor Freight just down the parking lot from Fry's here in Austin.....shipping is "free".

wrong headline

[Lord Ender]

Researchers Find Way To Zap RSA Algorithm

No, reasearchers find side-channel attack on SPARC CPU (which requires elevated access, anyway).

Re:wrong headline

[Andy Dodd]

To be more specific:

No one attacked the algorithm itself here. They attacked one specific implementation of the RSA algorithm.

Side channel attacks are nothing new. There are plenty of crytographic algorithms that have no known flaws which have had implementations broken via side channel attacks, due to flaws in the implementation, not the algorithm.

Re:wrong headline

[osu-neko]

...due to flaws in the implementation, not the algorithm.

The "flaw in implementation" in most cases being the relatively common "flaw" of being implemented in real-world hardware, where it has to consume power, utilize moving electrical current, obey the laws of physics, etc, rather than existing only on paper where such "flaws" can be avoided.

Re:

[c++0xFF]

"In theory there is no difference between theory and practice. But, in practice, there is."

(p.s. Who originally said this, anyway?)

Re:

[lgw]

I believe it was the same sage who said "You can observe a lot just by watching." Of course, he also said "I never said most of the things I said," so it's hard to be sure.

Re:

[OzPeter]

There are plenty of crytographic algorithms that have no known flaws which have had implementations broken via side channel attacks, due to flaws in the implementation, not the algorithm.

While I agree with you, I just want to go a bit philosophical and suggest that the robustness of the physical system is just as important as the algorithm when determining how flawed or not something like a security system is. Which is basically a "weakest link" consideration.

Re:

[Andy Dodd]

Right. Which is why there are guidelines for implementing crypto algorithms so as to avoid sidechannel attacks.

Occasionally someone finds a new sidechannel attack (such as one that relied on the Pentium 4's hyperthreading implementation), but most of the "basic" ones are well known and can be designed against. (See, for example, FIPS 140-2 level 4, which requires protection against glitching attacks such as this.)

Re:

[blair1q]

And unless I RFA'd wrongly, they had to map the SPARC to an FPGA in VHDL so they could be sure their assumptions about multipliers being the critical path would remain correct.

Because if their glitching of the power supply is inducing bit-flip errors in anything other than the multiplier, they're probably going to crash the core, and they won't get the thousands of samples they need to reach 50% probability of pwning the private key in polynomial time.

I.e., it is vanishingly unlikely that you are going to b

some ppl are seriously sick

[Anonymous Coward]

hackers these days are seriously sick, not long ago one guy dissolved chips and listened in on instructions right on die
now this, just take a look at that paper

sure the principle is simple, create condition that causes errors and incidentally more of the bits you have guessed the less errors you have etc etc etc

but seriously people who figure these things out and make them work... i question their sanity, brilliant but you have to be a mad scientist to achieve these things

Re:some ppl are seriously sick

[Just Some Guy]

but seriously people who figure these things out and make them work... i question their sanity, brilliant but you have to be a mad scientist to achieve these things

You're in the wrong place, and your attitude sucks. Consider yourself lucky to live in a world with people who are this driven by their curiosity.

Re:some ppl are seriously sick

[clone53421]

This is moderated flamebait... I’m not sure why. I read the entire thing in a congratulatory tone.

I guess some people think being called “sick” is an insult...

Re:

[sapphire wyvern]

What, you don't think "Look out! That reaction containment vessel is about to fail!" is a valid sentence?

Fail is totally a verb. Adjective status in standard English is a bit more questionable, though.

Re:

[shutdown -p now]

but seriously people who figure these things out and make them work... i question their sanity, brilliant but you have to be a mad scientist to achieve these things

I suggest you go look up the etymology of the word "geek".

!news

[betterunixthanunix]

This is just a fault injection attack. People have been doing similar things to block ciphers for years, it is not a mathematical weakness, just a side channel attack, and an active one at that. Cool that they did it against RSA, but not really headline news...

Re:

[betterunixthanunix]

This is a side channel attack, not an attack on the mathematics. AES, which is often used for encryption in SSL (the public key crypto is only used to establish a shared secret for symmetric ciphers like AES), is also vulnerable to side channel attacks, and there is a large body of published literature on that. 3DES, which is also commonly used, is vulnerable to fault injection attacks too. There is nothing scary about any of this -- side channels attacks are just a fact of life, and for high security in

Physical Access

[KevMar]

If someone has physical access to your machine, then you have already lost.

Re:

[IndustrialComplex]

If someone has physical access to your machine, then you have already lost.

So everyone who ever uses colocation has lost?

Re:Physical Access

[Eric Smith]

So everyone who ever uses colocation has lost?

Yes. Are you actually surprised?

Re:Physical Access

[OzPeter]

So everyone who ever uses colocation has lost?

Given that organized crime seems to be paying off minimum wage clerks to install card skimmers in gas pumps, wouldn't it be logical that minimum wage admins at co-lo facilities would also be vulnerable to the same vector - $$$$

Re:

[snspdaarf]

Hell, even well-paid admins could be vulnerable. All kinds of things can result in a need for money. Insurance problem, spouse gets fired, simple greed....

Re:

[turing_m]

Hell, even well-paid admins could be vulnerable. All kinds of things can result in a need for money. Insurance problem, spouse gets fired, simple greed....

Gambling and drug problems are also classic cases of needs for lots of money and an addiction that overrides ethical considerations.

Re:

[colinrichardday]

But of course, no sysadmin at say, a dinosaur zoo would ever resort to such shenanigans. And he certainly wouldn't smuggle the hardware in a can of Barbasol.

Re:

[lgftsa]

Yep, they've made the decision that there's nothing on the server which they can't afford to lose. Or they're idiots.

They're placing all their trust in the security and vetting standards of their co-lo, from the admins and techs, to clerical staff, plant and maintenance, cleaners, safety inspectors, linoleum layers, electricians, the list goes on. That assumes, of course, that the co-lo has standards and follows them without exception. I don't have the time or resources to audit them.

Our server room is only

Re:

[the_fat_kid]

in as few words as possible:

Yes.

If you co-anything you are giving up your security.
now I have not just one, but mutiple targets for the tried and true XKCD wench hack. http://xkcd.com/538/ [xkcd.com]
so, if security is the name of your game, you have already lost.
please try again...

Re:

[pushing-robot]

If someone has physical access to your machine, then you have already lost.

Quoted for truth.

If someone can gain access to your datacenter power systems remotely and change output voltages, your admins are idiots and you've got more problems than just a RSA vulnerability. And if someone already has physical access to your server thats performing the encryption in the first place, is it any surprise that they can bypass said encryption?

It's a nifty attack, but not terribly practical.

"without leaving a trace..."

[starglider29a]

...except for the empty bags of cheese puffs, Rockstar cans, and several bottles of "lemon gatorade", no one would suspect that they had been there.

Sci-Fi story

[OzPeter]

Back years ago I read a book where the good/Bad guys got a suitcase sized AI to break down and confess by cycling its power to the point where it couldn't take it any more.

Good to see reality starting to mimic fiction

BTW Can anyone tell me the title? About the only other main thing I remember about it was helicopter pilots being blinded by laser strikes.

Re:

[Baby Duck]

Psychic Dictatorship in the U.S.A. talks about pilots being blinded by lasers when spying on Russian vessels. I don't remember anything about an AI in it, though.

Despite its sensational title, the book declares mind control to be bogus. However, that hasn't stopped people from trying -- and committing atrocites in the process.

It also discusses ambassadors and spies contracting rare blood diseases from being exposed to very low frequency radiation emitters in their offices over long periods of time. This is

Re:

[OzPeter]

Unfortunately thats definitely not the book I am thinking about. In the one I read there was a lot of AI stuff.

Implementation, not algorithm!

[ronys]

It's an implementation on specific hardware that was broken. Not the first time, nor the last. If the *algorithm* would have been broken, now *that* would have been news!

Damnit, I was hoping for something useful ...

[BitZtream]

Great, another 'if you have physical access to the key, you can get the key' methods.

Look, 'stressing' the computer for a hundred hours while screwing with the voltage is going to get you noticed if its a key important enough for to use this method to do it. I can go to your PC and steal the contents of the entire drive without leaving a trace, but you're probably going to notice when I move you out of my way so I can put in a boot cd and external drive to copy the data to.

Practical value: 0
Research value: 1
Geek Cred: 11
Priceless, or rather, worthless.

Well, there is one significant use-case

[mbessey]

Extracting private keys from smart cards would be one application. That's a case where you have "physical access" to the key holder, but it's protected by physical security. The card will erase the key if you open the box, but it provides a digital signature service, which you can exploit via this method to extract the key without opening the case.

Re:

[aXis100]

Game consoles would be succeptible too.

Here's a patch for the vulnerability

[guruevi]

http://www.apc.com/ [apc.com]

Seriously. If your server is a big enough target where to have it's keys taken using this technique is beneficial (a key signing server for example) then you need a bit more protection against somebody hanging outside on a pole playing with your electricity supply.

Nothing new or interesting here..

[xquark]

The concept is called Differential Power Analysis (DPA) or for people in the industry its also known as power cryptography and has been a staple of many attack vectors since the mid-90s (at least in open research), furthermore simple techniques such as adding salt or in other words randomly chosen bogus operations into the computation flow renders such attack vectors useless.

Nothing new here, slow news day, move along peoples.

   

Re:

[owlstead]

Then they mention Linux, which has little to none-to do with it. Of course, you can only reach the add by clicking away a Microsoft add. It's amazing what kind of articles are displayed on Slashdot now and then. Even the comments are starting to deteriorate (not yours of course).

But you can be sure my home will stay void of Sparc processors after this fiasco :) The Niagra processors all have RSA in hardware so if the software uses that they are safe anyway. They probably chose a single CPU with easy RISC in

Re:

[xquark]

That is absolutely correct, slashdot is going downhill as of the last couple of years.

As for your comment regarding "single CPU with easy RISC instructions" thats also absolutely correct as well, back in 98' when I was reviewing the ideas coming out of Cryptography Research (cryptography.com), we could only ever get this kind of thing to work on smart-cards for that very reason, they all have a single execution pipe-line, no prefetch or look-ahead algorithms, essentially instructions/data are pumped in and

Not so fast

[Ancient_Hacker]

NO, they did not find a glitch in the algorithm, they happened to find an implementation which was amenable to their attack method.

All the chip makers have to do is take any one of several measures:

(1) Regulate the CPU voltage on-chip.
(2) or just detect that it's below spec and force a reset.
(3) or do the calculation two times, or in two different ways, or both, and reset if the results don't match.
(4) or add a few gates of carry-lookahead to the multiplier so it's not so speed-sensitive.
(5) or detect

Figure 8

[Mal-2]

I find it striking how much Figure 8 in the PDF, showing the location of single-bit faults, resembles the acoustic power spectrum [unsw.edu.au] of something behaving like a closed tube. I see clear odd numbered partials and weak even numbered partials, with a missing fundamental. I would not be surprised if this distribution turns out to be connected to the exact timing of the attacks. Sweeping the timing of the attacks may cause other bits to be affected.

Mal-2

Re:

[Gorobei]

It's common, and yes it can be fixed. But it's just a special case of a large class of attacks: hitting the element with cold/heat/radiation, grabbing leakage of various physical information from the element, etc.

The main goal of this game is to ensure the attack never becomes very cheap relative to the other attacks available. Thus, for example, certain types of big systems keep their bandwidth and compute in full usage at all times just to deter traffic analysis, naturally, this is not reasonable for c