Slashdot Mirror


OpenSSL Timing Attack Can Intercept Private Keys

Trailrunner7 writes "Remote timing attacks have been a problem for cryptosystems for more than 20 years. A new paper shows that such attacks are still practical ... The researchers, Billy Bob Brumley and Nicola Tuveri of Aalto University School of Science, focused their efforts on OpenSSL's implementation of the elliptic curve digital signature algorithm, and they were able to develop an attack that allowed them to steal the private key of an OpenSSL server."

2 of 31 comments

  1. No one uses ECDSA certificates. by Mysteray · Score: 4, Informative

    The EFF's SSL observatory project found a handful of them on servers on the internet, but none of them actually rooted to a well known CA.

  2. Re:OpenSSH is not vulnerable by dmiller · Score: 4, Informative

    No, it is not vulnerable to this attack. The Brumley/Tuveri paper describes a timing leak in a specific algorithm that is only used for elliptic curve crypto over binary/GF(2^m) fields. OpenSSH uses ECC over prime fields that use different algorithms that have no known timing leaks. A result against ECC using prime fields would be more difficult because the curve point components are integers and so can use well-tested modular arithmetic code.
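The comments above talk about a timing leak in a scalar-multiplication algorithm without showing what such a leak looks like. The following is an added, constructed illustration (not OpenSSL's code and not a reproduction of the paper's attack) of one well-known form of this leak class: a Montgomery ladder whose iteration count follows the scalar's bit length, placed beside a version that always runs a fixed number of iterations. The group is the multiplicative group modulo a constructed toy prime standing in for the curve group, the operation count stands in for wall-clock time, and the nonce values, `P`, `G`, `NBITS` and every function name are assumptions made for the example.

```python
"""Constructed toy model of a scalar-multiplication timing leak.

Not OpenSSL code: the multiplicative group mod a small prime stands in
for the curve group, and an operation count stands in for timing."""

P = 2**61 - 1      # constructed toy modulus (a Mersenne prime)
G = 3              # constructed generator
NBITS = 61         # bit length of the group order, i.e. of a full-size nonce


def leaky_ladder(k, g=G, p=P):
    """Compute g^k mod p with a Montgomery ladder that starts at the
    scalar's top set bit.  Returns (result, ops).  Every iteration does
    exactly two multiplications, so ops == 2 * k.bit_length(): the
    running time reveals the scalar's bit length."""
    r0, r1 = 1, g
    ops = 0
    for i in range(k.bit_length() - 1, -1, -1):
        if (k >> i) & 1:
            r0, r1 = r0 * r1 % p, r1 * r1 % p
        else:
            r1, r0 = r0 * r1 % p, r0 * r0 % p
        ops += 2
    return r0, ops


def constant_ladder(k, g=G, p=P, nbits=NBITS):
    """Same ladder, but always iterating over nbits bits so that leading
    zero bits of k are processed like any other bit.  ops is 2 * nbits
    for every scalar in range, so the count no longer depends on k."""
    r0, r1 = 1, g
    ops = 0
    for i in range(nbits - 1, -1, -1):
        if (k >> i) & 1:
            r0, r1 = r0 * r1 % p, r1 * r1 % p
        else:
            r1, r0 = r0 * r1 % p, r0 * r0 % p
        ops += 2
    return r0, ops


def infer_bit_length(ops):
    """Attacker's view: turn a measured operation count from the leaky
    ladder back into the scalar's bit length."""
    return ops // 2


def short_nonces(nonces, threshold=NBITS - 8, ladder=leaky_ladder):
    """Run the ladder over a batch of (constructed) ECDSA-style nonces and
    return the indices whose measured cost says the nonce is short.  With
    the leaky ladder this is exactly the set of short nonces; with the
    constant-iteration ladder it is always empty."""
    picked = []
    for idx, k in enumerate(nonces):
        _, ops = ladder(k)
        if infer_bit_length(ops) <= threshold:
            picked.append(idx)
    return picked


if __name__ == "__main__":
    # constructed nonces: two full-size (61 bits), two short (51 and 46 bits)
    nonces = [2**60 + 5, 2**50 + 1, 2**60 + 77, 2**45 + 3]
    print(short_nonces(nonces))                          # [1, 3]
    print(short_nonces(nonces, ladder=constant_ladder))  # []
```

Both ladders return the same value for every scalar; only the cost profile differs. Knowing which signatures were produced with short nonces is the kind of side information a remote attacker collects before applying a separate key-recovery step, which this example does not attempt.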