Topic: Scientist-devised crypto attack (Read 1335 times)
It has to be efficient, they're SCIENTISTS!
Isn't it really just a flaw with Intel chips, rather than OpenSSL?
Is it theoretically possible to protect algorithms from side channel attacks by obfuscating their inner workings and fudging whatever signals they radiate?
Most likely a future update to OpenSSL
Is it theoretically possible to protect algorithms from side channel attacks by obfuscating their inner workings and fudging whatever signals they radiate?
So is this legit ?
Yes, but once an attacker has that level of access to your hardware all bets are off and for most people, bitcoin loss would be the least of their worries. Of course, big bitcoin holders might be targeted more, but really once an attacker is this close there are any number of other attacks that would be more practical.So your saying he would have to be in the same room ?
So your saying he would have to be in the same room ?
The risk is that if a private key to one or more addresses is reused on a shared machine, such as in cloud computing, it is possible to determine the private key. The researchers were able to determine the private key after 200 signings.
I would think that using disposable addresses where a private key is used to sign a transaction only once, should minimize or eliminate the risk.
Just have to assume anything is possible these days.
The risk is that if a private key to one or more addresses is reused on a shared machine, such as in cloud computing, it is possible to determine the private key. The researchers were able to determine the private key after 200 signings.
Assuming, of course, that all the electro-magnetic signal of sufficient machines in the cloud are under permanent laboratory observation with instruments carefully specified for each individual machine construction until the investigators manage to detect, attribute to the correct public key hash, and do all the necessary measurements on the 200 signings.
I'll also note that, from the article, this is an OpenSSL (presumably temporary) weakness. Not Bitcoin's.
So your saying he would have to be in the same room ?
The risk is that if a private key to one or more addresses is reused on a shared machine, such as in cloud computing, it is possible to determine the private key. The researchers were able to determine the private key after 200 signings.
I would think that using disposable addresses where a private key is used to sign a transaction only once, should minimize or eliminate the risk.
So is this legit ?
Yes, but once an attacker has that level of access to your hardware all bets are off and for most people, bitcoin loss would be the least of their worries. Of course, big bitcoin holders might be targeted more, but really once an attacker is this close there are any number of other attacks that would be more practical.So your saying he would have to be in the same room ?
So is this legit ?
Yes, but once an attacker has that level of access to your hardware all bets are off and for most people, bitcoin loss would be the least of their worries. Of course, big bitcoin holders might be targeted more, but really once an attacker is this close there are any number of other attacks that would be more practical.
So is this legit ?
LOL side channel.
Yeah, I am cracking your computer by measuring the temperature fluctuations outside your house.
Yeah, I am cracking your computer by measuring the temperature fluctuations outside your house.
Jump to: