Slashdot Mirror

← Back to Stories (view on slashdot.org)

Researchers Find Way To Zap RSA Algorithm

Posted by timothy on from the vhat-here-in-ze-laboratory dept.

alphadogg writes "Three University of Michigan computer scientists say they have found a way to exploit a weakness in RSA security technology used to protect everything from media players to smartphones and e-commerce servers. RSA authentication is susceptible, they say, to changes in the voltage supply to a private key holder. While guessing the 1,000-plus digits of binary code in a private key would take unfathomable hours, the researchers say that by varying electric current to a secured computer using an inexpensive purpose-built device they were able to stress out the computer and figure out the 1,024-bit private key in about 100 hours – all without leaving a trace. The researchers in their paper outline how they made the attack (PDF) on a SPARC system running Linux."

4 of 173 comments (clear)

  1. Good. by Anonymous Coward · · Score: -1, Offtopic

    n/t

  2. Linux on Sparc? by newdsfornerds · · Score: 0, Offtopic

    Gee, does anyone run Linux on Sparc in production, or know anyone who knows anyone who does or did? Heh.
    Yeah I know these distros exist and work well. It's just an odd choice of platform, IMHO.

    --
    Damping absorbs vibrations. Dampening is caused by moisture.
  3. Has been done before by Anonymous Coward · · Score: -1, Offtopic

    I am with Linus on this one
    Linus is right
    The man makes sense
    He is absolutely correct on this one

  4. good news by bugs2squash · · Score: 0, Offtopic

    that it seems possible to defend against these attacks with a software change, for example validating the result before sending it.

    --
    Nullius in verba