Follow Slashdot stories on Twitter


Forgot your password?

Submission + - SPAM: Researchers find way to zap RSA algorithm 2

alphadogg writes: Three University of Michigan computer scientists say they have found a way to exploit a weakness in RSA security technology used to protect everything from media players to smartphones and e-commerce servers. RSA authentication is susceptible, they say, to changes in the voltage supply to a private key holder.While guessing the 1,000-plus digits of binary code in a private key would take unfathomable hours, the researchers say that by varying electric current to a secured computer using an inexpensive purpose-built device they were able to stress out the computer and figure out the 1,024-bit private key in about 100 hours – all without leaving a trace.

The researchers in their paper [spam URL stripped] outline how they made the attack on a SPARC system running Linux.

Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Researchers find way to zap RSA algorithm

Comments Filter:
  • If you're running a network server. It might be a novel way to break RSA based hardware encryption on a device you have physical access to. And that you want to spend this amount of time messing with. It is a value proposition for breaking into stolen devices. But if you have a cage and conditioned power supply, this is non-news. The PDF does state that devices like blueray are susceptible because of easy physical access. But it talks about SSL servers being susceptible. If you have physical access t
  • Considering how much trouble you'd have to go through to bypass voltage regulation, which is designed to remove this kind of noise, I think you would leave traces. Most of the article is pure crap. But it is still interesting.

"Marriage is low down, but you spend the rest of your life paying for it." -- Baskins