Mailing List Archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tlug] Your computer is speaking your private key out loud?!



On 12/20/2013 10:09 AM, Darren Cook wrote:
It is not April 1st so I'm a bit stuck here:

http://arstechnica.com/security/2013/12/new-attack-steals-e-mail-decryption-keys-by-capturing-computer-sounds/

I fully understand how the sound of your CPU will change when under
load. I therefore understand how by listening to computer noise you
could tell when a user is decrypting an email.

Where I'm stuck is how that allows you to steal a 4096-bit private key.
It seems, at best, you could not get any more information than the CPU
line I see when running top?

CPU noises correspond to certain operations on the processor if you know what code the processor is running you can match the noises back to the code paths in the machine code for the program, and from that determine what was in the registers when the operation happened, which at some point will be the RSA key.

Edward


Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links