voltage-controlled *lack* of security (RSA impl. hacked)
Mar 4, 2010 at 8:11 PM Thread Starter Post #1 of 6
linuxworks

linuxworks

Member of the Trade: Sercona Audio
Joined
Oct 10, 2008
Posts
3,456
Likes
69
synopsis: Researchers find way to zap RSA security scheme

University of Michigan security researchers outline voltage-based attack on the RSA authentication scheme

Three University of Michigan computer scientists say they have found a way to exploit a weakness in RSA security technology used to protect everything from media players to smartphones and e-commerce servers.

Researchers find way to zap RSA security scheme

how strange!




...of course, they could have halved their solve-it time if they used *balanced* cabling.

wink.gif
 
Mar 4, 2010 at 9:18 PM Post #3 of 6
I'm only partially thru the .pdf (and only understanding a tiny percent of it) but it seems to be a 'side attack' and hardware fault based. if you cause some parallel channels to run faster or slower than others, the chip assumes the piplines will 'connect' at the same point in time but if they're interfered with (voltage part) then you can upset this and cause hardware faults. this seems to be how they 'got in'; by causing faults and getting the 'bad' computations back and chewing on them. in a nutshell (afaict)

still, pretty interesting how they did this and did not need internal access to the box!
 
Mar 4, 2010 at 10:15 PM Post #4 of 6
By the title of the thread, i thought someone figured out the secret under the nail varnish on RSA's chips in his amps...lol !!!
biggrin.gif



RSA= Ray Samuels Audio


I thought i was going to see a list of amp models with chip numbers, and i was waiting for the thread to be quickly deleted....LOL!!!
 
Mar 5, 2010 at 7:11 AM Post #6 of 6
Quote:

Originally Posted by linuxworks /img/forum/go_quote.gif
I'm only partially thru the .pdf (and only understanding a tiny percent of it) but it seems to be a 'side attack' and hardware fault based. if you cause some parallel channels to run faster or slower than others, the chip assumes the piplines will 'connect' at the same point in time but if they're interfered with (voltage part) then you can upset this and cause hardware faults. this seems to be how they 'got in'; by causing faults and getting the 'bad' computations back and chewing on them. in a nutshell (afaict)

still, pretty interesting how they did this and did not need internal access to the box!


Seems like a fairly standard side channel attack (attacking implementation instead of attacking algorithm) of the sort caused by software guys that don't know much about hardware and systems guys who have bigger fish to fry than security.
 
You must log in or register to reply here.

Users who are viewing this thread

Total: 2 (members: 0, guests: 2)
Back
Top