A New Vulnerability In RSA Cryptography

Udhay Shankar N udhay at pobox.com
Sun Nov 19 00:16:07 EST 2006


http://it.slashdot.org/article.pl?sid=06/11/18/2030247

A New Vulnerability In RSA Cryptography

    Posted by kdawson on Saturday November 18, @04:45PM
    from the predictions-of-trouble dept.

    romiz writes, "Branch Prediction Analysis is a recent attack vector
    against RSA public-key cryptography on personal computers that relies
    on timing measurements to get information on the bits in the private
    key. However, the method is not very practical because it requires
    many attempts to obtain meaningful information, and the current
    OpenSSL implementation now includes protections against those attacks.
    However, German cryptographer Jean-Pierre Seifert has announced [1]a
    new method called Simple Branch Prediction Analysis that is at the
    same time much more efficient than the previous ones, only needs a
    single attempt, successfully bypasses the OpenSSL protections, and
    should prove harder to avoid without a very large execution penalty."
    From the article: "The successful extraction of almost all secret key
    bits by our SBPA attack against an openSSL RSA implementation proves
    that the often recommended blinding or so called randomization
    techniques to protect RSA against side-channel attacks are, in the
    context of SBPA attacks, totally useless." [2]Le Monde interviewed
    Seifert (in French, but Babelfish works well) and claims that the
    details of the SBPA attack are being withheld; however, a PDF of the
    paper is linked from the [3]ePrint abstract.

   1. http://eprint.iacr.org/2006/351
   2. http://www.lemonde.fr/web/article/0,1-0@2-651865,36-835944@51-835781,0.html
   3. http://eprint.iacr.org/2006/351


-- 
((Udhay Shankar N)) ((udhay @ pobox.com)) ((www.digeratus.com))

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
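The mechanism the summary describes, as an added illustration that is not part of the post or of Seifert's paper: a naive square-and-multiply exponentiation takes the "multiply" branch exactly when the current exponent bit is 1, so an attacker who can observe that branch once (SBPA does it through the shared branch predictor; here it is simulated by instrumenting the loop) recovers the whole exponent from a single run. The toy key, the message and the random blinding factor are all constructed; the blinding scheme d' = d + r*phi is the usual exponent-blinding countermeasure and is included to show why it does not help against a single-trace attack, since any exponent congruent to d modulo lambda(n) decrypts correctly.

```python
import random

# Toy RSA parameters (constructed for illustration; far too small for real use).
P, Q = 104729, 1299709          # two known primes
E = 65537


def toy_rsa_keypair():
    """Return (n, e, d, phi) for the constructed toy key."""
    n = P * Q
    phi = (P - 1) * (Q - 1)
    d = pow(E, -1, phi)
    return n, E, d, phi


def modexp_with_branch_trace(base, exp, mod):
    """Left-to-right square-and-multiply.

    Records, for every exponent bit, whether the data-dependent multiply
    branch was taken. A real SBPA attacker learns the same bit sequence from
    the CPU branch predictor instead of from this instrumentation.
    """
    trace = []
    result = 1
    for bit in bin(exp)[2:]:
        result = (result * result) % mod
        if bit == "1":
            result = (result * base) % mod   # the leaking branch
            trace.append(1)
        else:
            trace.append(0)
    return result, trace


def exponent_from_trace(trace):
    """Rebuild the exponent from one observed branch trace (MSB first)."""
    return int("".join(str(b) for b in trace), 2)


def blinded_exponent(d, phi, rng):
    """Exponent blinding: d' = d + r*phi for a fresh random r per operation.

    It defeats attacks that need many measurements of the same exponent, but
    d' is itself a valid private exponent for one decryption.
    """
    r = rng.randrange(1, 1 << 20)
    return d + r * phi


def attack_single_trace(n, d_used, ciphertext):
    """Observe one decryption, recover the exponent actually used, and decrypt
    independently with it. Returns (recovered_exponent, plaintext)."""
    _, trace = modexp_with_branch_trace(ciphertext, d_used, n)
    recovered = exponent_from_trace(trace)
    return recovered, pow(ciphertext, recovered, n)


def demo():
    """Run the attack against an unblinded and a blinded decryption.

    Returns (blinding_changed_exponent, blinded_attack_still_decrypts).
    """
    n, e, d, phi = toy_rsa_keypair()
    m = 123456789                      # constructed message, m < n
    c = pow(m, e, n)

    rec, pt = attack_single_trace(n, d, c)
    assert rec == d and pt == m        # one trace yields the real exponent

    rng = random.Random(42)            # constructed seed; any value works
    d_blind = blinded_exponent(d, phi, rng)
    rec_blind, pt_blind = attack_single_trace(n, d_blind, c)
    # The recovered exponent is not d, but it decrypts anyway, so blinding
    # buys nothing against an attacker who only needs a single trace.
    return rec_blind != d, pt_blind == m


if __name__ == "__main__":
    print(demo())   # (True, True)
```

The blinded exponent is a few hundred bits longer than d, which makes the trace longer but no harder to read; the only thing blinding changes is which valid decryption exponent the attacker walks away with.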


