I love living in the future.

Dec. 19th, 2013 02:17 pm
theweaselking: (Default)
[personal profile] theweaselking
"Here, we describe a new acoustic cryptanalysis key extraction attack, applicable to GnuPG's current implementation of RSA. The attack can extract full 4096-bit RSA decryption keys from laptop computers (of various models), within an hour, using the sound generated by the computer during the decryption of some chosen ciphertexts. We experimentally demonstrate that such attacks can be carried out, using either a plain mobile phone placed next to the computer, or a more sensitive microphone placed 4 meters away."

That's right: Extracting your private key, by using a phone to record the sound your laptop makes while decrypting stuff.

This is AWESOME.
Threaded | Top-Level Comments Only

(no subject)

Date: 2013-12-20 07:51 pm (UTC)
From: [identity profile] pappy-legba.livejournal.com
Not that computer security was ever [i]simple,[/i] but it seems that someone turned the cyberpunk knob on reality way up since 2010 or so. Remember when all the big threat was botnets running off unpatched windows machines?

(no subject)

Date: 2013-12-20 07:56 pm (UTC)
From: [identity profile] theweaselking.livejournal.com
That's still a big threat. It's just a *different* threat.

(no subject)

Date: 2013-12-20 08:06 pm (UTC)
From: [identity profile] pappy-legba.livejournal.com
They absolutely are, but the days when they were the poster child for computer security is gone. Virtual networks of compromised computers acting on the behest of a shadowy criminal organization... sorry, that's just too prosaic to make news these days.

Edit: bbcode -> HTML. Jumping too many forums today.
Edited Date: 2013-12-20 08:07 pm (UTC)
Threaded | Top-Level Comments Only

Profile

theweaselking: (Default)theweaselking
Page generated Mar. 10th, 2026 01:46 pm