Slashdot Mirror

← Back to Stories (view on slashdot.org)

Researchers Find Way To Zap RSA Algorithm

Posted by timothy on from the vhat-here-in-ze-laboratory dept.

alphadogg writes "Three University of Michigan computer scientists say they have found a way to exploit a weakness in RSA security technology used to protect everything from media players to smartphones and e-commerce servers. RSA authentication is susceptible, they say, to changes in the voltage supply to a private key holder. While guessing the 1,000-plus digits of binary code in a private key would take unfathomable hours, the researchers say that by varying electric current to a secured computer using an inexpensive purpose-built device they were able to stress out the computer and figure out the 1,024-bit private key in about 100 hours – all without leaving a trace. The researchers in their paper outline how they made the attack (PDF) on a SPARC system running Linux."

8 of 173 comments (clear)

  1. Like lead pipe cryptanalysis... by Anonymous Coward · · Score: 5, Funny

    ...whether interrogating a human or a computer, apparently it is a simple matter of voltage.

  2. Could this be considered... by ravenspear · · Score: 4, Funny

    ...electronic torture?

    We can just declare this method in violation of the computer's rights and solve the problem easily!

    1. Re:Could this be considered... by Bakkster · · Score: 5, Funny

      ...electronic torture?

      Wattage-boarding

      --
      Write your representatives! Repeal the 2nd Law of Thermodynamics!
    2. Re:Could this be considered... by bluesatin · · Score: 2, Funny

      This isn't much use for LAME as it's open source, you can just grab any information you want off SourceForge.

  3. xkcd already did it cheaper by snarfies · · Score: 3, Funny

    Rather than apply electrical current to a key holder, wouldn't it be easier and cheaper to apply a $5 wrench?

  4. "without leaving a trace..." by starglider29a · · Score: 3, Funny

    ...except for the empty bags of cheese puffs, Rockstar cans, and several bottles of "lemon gatorade", no one would suspect that they had been there.

  5. Re:Article == Summary by Anonymous Coward · · Score: 1, Funny

    Nah, he was actually the second poster. I was going to be the first poster, but my computer's voltage supply started to fluctuate as I was trying to post, causing me problems. Have no fear, as this would-be-first-poster indeed did not RTFA.

  6. Obligitory XKCD. by toastar · · Score: 2, Funny

    Just use Social Engineering