Chip Malfunctions Reveal Private Keys

By Robert Vamosi | 7/30/12 5:27 AM

Key leakage via side channel attacks, were the attacker "listens" to fluctuations in voltage as the encryption takes place, is well known. Recently, German researchers found that a faulty processor might also leak secrets during encryption. Known as transient faults, these were considered hard to produce … until now.

At last week's Black Hat Briefing in Las Vegas, Valeria Bertacco, associate professor of electrical engineering and computer science at University of Michigan and her team, found a way to produce transient faults on Linux servers they built running an Open SSL library and RSA encryption. The team found several ways for the server to fail: by altering the voltage; by changing the temperature of the chips; by over-clocking (it shortens the time to traverse the logic cloud); and natural particles that change internal signals. She demonstrated these adverse conditions on a Leon3 SPARC system using OpenSSL 0.9.8i ’s fixed Window Exponentiation algorithm.

Read More >

Inexpensive Side Channel Attacks Threaten Smartcard Security

By Robert Vamosi | 6/24/11 3:23 AM

Researchers at the 7th Workshop on RFID Security and Privacy 2011 (RFIDsec11) in Amherst, Massachusetts, will demonstrate this weekend a way of observing (and therefore decoding) the encrypted RFID signals from common contactless smartcards. While side channel attacks (SAS) are not new, the method they propose to observe the electronic leakage of data is considerably less expensive than previous methods and thus provides a real world threat as RFID comes into the mainstream.

Read More >

RSA co-founder to keynote RFIDsec

By Robert Vamosi | 5/9/11 9:12 AM

RSA co-founder Adi Shamir will provide the opening keynote at the 7th Workshop on RFID Security and Privacy 2011. The event will be held in Amherst, Massachusetts June 26- 28, 2011. Mocana is one of the sponsors.

Read More >