Bond. James Bond.
If I saw that in a movie I would have cried BULLSHIT in the middle of the freaking theatre.
Nowā¦ wowā¦ just wow.
Time to put silencers on our motherboards Mr Bond!
Iām not entirely convinced that ācoil whineā ā which would respond to overall system activity ā would have enough information specifically about the cryptokey to make this work.
If they were attributing this to a microphonic chip, Iād find it a bit more believable. But thatās still a matter of whether the right chip is cooperating.
If they were going after radio noise, Tempest-style, Iād find it more believable.
Iām not quite ready to call bullshit. I AM ready to call for independent replication before we take the claim at all seriously.
āAny sufficiently advanced technology is indistinguishable from a rigged demo.ā
The article is by some of the foremost and most reputable researchers in cryptography. While I agree with replicating all findings, I think itās hardly justifiable to assume theyāve just made a ārigged demoā to get some publicity.
Did you read the paper? Itās very in-depth. And it builds on earlier proof-of-concept work that previously showed that this should be possible.
GnuPG has already committed a fix.
Apologies if I gave the impressing I was assuming a rigged demo. Iām not; Iām a trifle concerned that they may have fooled themselves, eg by finding one particular machine which is particularly vulnerable.
Given that we believe the result, the fix seems plausible.
But the researchers are unimpeachable (Shamir is the āSā in RSA)
If I were him, Iād go around starting arguments with lesser crypto-nerds, just so I could finish them off with āDidnāt you know? Iām the S in RSA, mofo!ā
I read the whole paper and Iām sold. Good read, though most of the heavier stuff is only barely understandable to me. I think one measure of the validity is this:
Current status. We have disclosed our attack to GnuPG developers and main distributors as CVE-
2013-4576 [MIT13], suggested suitable countermeasures, and worked with the developers to test them.
New versions of GnuPG 1.x, GnuPG 2.x and libgcrypt, containing these countermeasures and resisting
our current key-extraction attack, were released concurrently with this paperās ļ¬rst public posting.
However, some of the eļ¬ects presented in this paper (such as RSA key distinguishability) remain present.
The developers took it seriously and implemented countermeasures as they could. Still, further review and new attacks will be interesting to follow.
They used more than one machine.
Or make a t-shirt that says that, and wear it always.
i wouldnāt call āone machineā fooling themselves. if it works on only one machine then the attack is sound. If that one machine was one that was purchased in bulk by large corporations or governments, bonus.
Am I right in understanding that the user has to be actively inputting their password in order for the extraction to work? Can it be masked by driving the cpu harder with another task simultaneously? Rendering 3dgraphics on high priority makes everything whine.
Thereās a simple fix - just play Bananaphone over and over again at maximum volume whilst doing your cryptowhatever.
I reference I saw in the Ars comments indicates that driving the CPU makes this easier.
Think of it this way ā the sound signature of the decoding of the specialized item will always be there. If it is against a randomly loaded and thus randomly fluctuating background, it could be harder to pick out. But if it is against a solid heavily loaded CPU, then that background noise becomes consistent.
As I understand it, the noise is associated with power consumption. Fully loading the CPU will make the variance in power consumption of the non-targetted processes very low, maximizing the signal (decode process) to noise (background task) ratio.
Theyāre not kidding about the use of sensitive equipment. I immediately recognized the robinās egg blue of a B&K preamp from the picture. That kit is crazy expensive.
I remember a few years ago when it was apparently possible to see what was being written to an HDD via the indicator LED. I assume theyāre too fast for that now.
Apparently, we hear today, Shamir is also the S in NSA.
This topic was automatically closed after 5 days. New replies are no longer allowed.
