[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Fault-Based Attack of RSA Authentication

Hi everyone,

I thought this might be of interest to the list.   Pellegrini, Bertacco
and Austin at U of Michigan have found an interesting way to deduce the
secret key by fluctuating a device's power supply.  Its a minimal threat
against servers, but against hand held devices its more practical.  The
openssl people say there's an easy fix by salting.

Here's some referneces:




Anthony G. Basile, Ph.D.
Chair of Information Technology
D'Youville College
Buffalo, NY 14201

(716) 829-8197

Attachment: signature.asc
Description: OpenPGP digital signature