[Cryptography] RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis
Phillip Hallam-Baker
hallam at gmail.com
Thu Dec 19 12:41:02 EST 2013
On Thu, Dec 19, 2013 at 6:22 AM, Werner Koch <wk at gnupg.org> wrote:
> On Thu, 19 Dec 2013 01:19, anzalaya at gmail.com said:
>
> > Have you trief this out against openssl ? How succesful do you think it
> > would be ?
>
> OpenSSL seems not to be vulnerable. The reason is that OpenSSL uses
> Montgomery multiplication which protects against this concrete attack.
> The attack is based on the specific way GnuPG switches between Karatsuba
> and simple multiplication.
>
Ben Laurie said that OpenSSL should be OK provided that the blinding flag
is used.
But OpenSSL has practically no documentation on such things other than the
source. So I would not trust that without looking at the source.
--
Website: http://hallambaker.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20131219/c8563907/attachment.html>
More information about the cryptography
mailing list