1024 bit RSA cracked?
Nicolas Williams
Nicolas.Williams at sun.com
Tue Mar 16 12:45:08 EDT 2010
On Wed, Mar 10, 2010 at 09:27:06PM +0530, Udhay Shankar N wrote:
> Anyone know more?
>
> http://news.techworld.com/security/3214360/rsa-1024-bit-private-key-encryption-cracked/
My initial reaction from reading only the abstract and parts of the
introduction is that the authors are talking about attacking hardware
that implements RSA (say, a cell phone) by injecting faults into the
system via the power supply of the device.
This isn't really applicable to server hardware in a data center (where
the power, presumably, will be conditioned and physical security will be
provided, also presumably) but this attack is definitely applicable to
portable devices -- laptops, mobiles, smartcards.
> "The RSA algorithm gives security under the assumption that as long as
> the private key is private, you can't break in unless you guess it.
> We've shown that that's not true," said Valeria Bertacco, an associate
> professor in the Department of Electrical Engineering and Computer
> Science, in a statement.
They're not the first ones to show that! Side-channel attacks have been
around for a while now. It's not just the algorithms, but the machine
executing them and its physical characteristics that matter.
Nico
--
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list