Breaking RSA Keys by Listening to Your Computer

An anonymous reader writes "Adi Shamir and crew gave a talk on preliminary results in extracting a private RSA key just by listening to the computer!. Similar to power analysis and LED leakage, this is a non-invasive, side channel attack that may have applications to tamper-resistant systems. It appears to be related to noisy capacitors on the motherboard, an effect which has been observed when CPU power saving is enabled on laptops."

Extracting the Actual Numbers?

[artlu]

The article does not deal with actually computing the encoding (Pe) and decoding functions (Pd) for q,n,d. Where q,n are unique primes. The only thing their interference spotted is the markings between computing each function for the signature, and this drastically varies based on the machine. They do have a Proof of Conept, but no quantifiable data.
My $0.02.

artlu

Re:RSA sucks anyway

[kasperd]

Nope, for it's DSA/DSS all the way, and all the noisy capacitors in the world won't help you break it.
That wouldn't change anything. RSA as well as DSS is based on modulus exponentiation with a secret exponent. If you can get the exponent you have broken the system, it is as simple as that.

Why do I trust it? Because it was developed by the NSA, not a bunch left leaning MIT eggheads.
That kind of logic is useless in the security business. Basing your trust upon who designed the algorithm is stupid. How many (and who) tried to break the algorithm and failed at that is a better meassure on the security. A good rationale behind the design is another good meassure on the security. And finally mathematical proofs.