[Cryptography] Data Protection Against Quantum Computing Brute Force via Device ID
natanael.l at gmail.com
Sun Jun 10 14:57:44 EDT 2018
Den sön 10 juni 2018 20:19Govind Yadav <yadavgovind at hotmail.com> skrev:
> This technology was originally invented to secure encryption (private key
> protection) and till a few months ago was not though to be a viable device
> ID technique, we found robust mechanism to achieve this - with bit
> manipulation by Metrarc client, even if the device is taken over by the
> malware, it cannot figure out what device parameters have been used and
> access the correct private key. 'Theoretically', this technology can even
> detect if there is Malware since the device's original operational
> parameters (CPU consumption etc.) will change.. Then came even a bigger
> challenge that how can we stop QC based brute force of Device ID itself, we
> found a solution. If we have reach this far, I am pretty sure, we will
> crack the last bit... Impossible is nothing...
This sounds like you require perfect knowledge of the client hardware, and
essentially computes a fingerprint of its behavior, and then uses the
fingerprint as part of the secret.
The first problem is that this fingerprint likewise can be attacked, and
secondly with hardware attacks like debuggers and JTAG cables and various
sidechannel data leaks, it's possible to extract even these secrets from
the target hardware to replicate it.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the cryptography