Who cares about side-channel attacks?
Ben Laurie
ben at links.org
Sun Oct 26 18:00:48 EDT 2008
Peter Gutmann wrote:
> In fact none of the people/organisations I queried about this fitted into any
> of the proposed categories, it was all embedded devices, typically SCADA
> systems, home automation, consumer electronics, that sort of thing, so it was
> really a single category which was "Embedded systems". Given the string of
> attacks on crypto in embedded devices (XBox, iPhone, iOpener, Wii, some
> not-yet-published ones on HDCP devices :-), etc) this is by far the most
> at-risk category because there's a huge incentive to attack them, the result
> affects tens/hundreds of millions of devices, and the attacks are immediately
> and widely actively exploited (modchips/device unlocking/etc, an important
> difference between this and academic proof-of-concept attacks), so this is the
> one where I'd expect the vendors to care most.
But they've all been unlocked using easier attacks, surely?
--
http://www.apache-ssl.org/ben.html http://www.links.org/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list