http://www.roumazeilles.net/news/en/wor ... -networks/
"Public-Key cryptography ready to shatter?
Sunday, November 19th, 2006
Public-Key Cryptography is a very common technique used to protect sensitive information by encoding it in such a way that decoding relies on the extreme difficulty of some mathematics techniques (like finding the root factors of a prime integer). Today, a large part of our security is relying on this (including most of the secure communications over Internet).
But German cryptologist, Jean-Pierre Seifert (Universities of Haïfa and Innsbruck) seems on the bring of reavealing an unusual line of attack to this critical technology. He is set to present this in the next RSA conference in 2007. This could be a shattering blow to Internet security as we know it.
Essentially, the attack relies on the possibility to observe the operation of the CPU itself. Today’s microprocessors include a technique known as predictive branching that tries to anticipate results of some calculations. If the prediction is right, everything is very fast, if not the microprocessor still has to do a lengthy calculation. This results usually in huge performance improvements, but for the cryptologist it means that without knowing too much you can identify (from the exterior) what the microprocessor calculation results are, just by looking at the time it takes to do the computation steps.
This opens the door to a new generation of spying software that could rather easily crack the secret keys of some of the communications we consider quite secure. For the moment, since no precise details have been given, and since no demonstration has been made in the public, we are rather secure, but the vast majority of the specialists already consider that approach will certainly lead to a flurry of new easy-to-write spyware (before that cracking the secure key of those communications could take from years to millions of millenia of heavy computation; now we are speaking of near instantaneous break through)."
Interesting. Kinda like they investigate nukular physics - crash two trains in a tunnel then see what parts fly out the ends
"Public-Key cryptography ready to shatter?
Sunday, November 19th, 2006
Public-Key Cryptography is a very common technique used to protect sensitive information by encoding it in such a way that decoding relies on the extreme difficulty of some mathematics techniques (like finding the root factors of a prime integer). Today, a large part of our security is relying on this (including most of the secure communications over Internet).
But German cryptologist, Jean-Pierre Seifert (Universities of Haïfa and Innsbruck) seems on the bring of reavealing an unusual line of attack to this critical technology. He is set to present this in the next RSA conference in 2007. This could be a shattering blow to Internet security as we know it.
Essentially, the attack relies on the possibility to observe the operation of the CPU itself. Today’s microprocessors include a technique known as predictive branching that tries to anticipate results of some calculations. If the prediction is right, everything is very fast, if not the microprocessor still has to do a lengthy calculation. This results usually in huge performance improvements, but for the cryptologist it means that without knowing too much you can identify (from the exterior) what the microprocessor calculation results are, just by looking at the time it takes to do the computation steps.
This opens the door to a new generation of spying software that could rather easily crack the secret keys of some of the communications we consider quite secure. For the moment, since no precise details have been given, and since no demonstration has been made in the public, we are rather secure, but the vast majority of the specialists already consider that approach will certainly lead to a flurry of new easy-to-write spyware (before that cracking the secure key of those communications could take from years to millions of millenia of heavy computation; now we are speaking of near instantaneous break through)."
Interesting. Kinda like they investigate nukular physics - crash two trains in a tunnel then see what parts fly out the ends
Even if you know how long each step of a calculation took and can use this to somehow infer what those steps are, you still need to know the value of all variables before you can get the correct answer. Which means it will still take years for a supercomputer to crack any half decent crypto algorithms.....
<>
x2+
x3
x2
x2+
x2
x3
x2+