[Cryptography] "Physical Key Extraction Attacks on PCs"

[Werner Koch]

On Sun,  5 Jun 2016 22:32, leichter at lrw.com said:

> The underlying work seems mainly to be about two years old.  The
> authors demonstrate a technique for determining keys (RSA, El Gamel,
> EC-DH - by looking at various low-frequency physical emanations

Right, they bug GnuPG for quite some time with their research ;-).
Their latest attack got public in February
(<http://www.cs.tau.ac.IL/~tromer/ecdh/>) due to an unexpected
publishing of the conference paper before the event.

> use of encrypted emails, web pages, or encrypted files.  And yet
> ... who applies public key algorithms to presented data directly?

The CACM paper mentions Enigmail and GpgOL.  The former actually has the
ability to decrypt all incoming mails in advance after the passphrase
has been given once.


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
    /* EFH in Erkrath: https://alt-hochdahl.de/haus */