It was not long ago that we heard 768-bit RSA keys had been factored by a bunch of ‘academic researchers’, by brute-forcing them. Applying brute force is a big computational challenge, but this challenge gets easier every year as processor speed and efficiency increase, making ‘secure’ a bit of a moving target.
This process, carried out in early December, generated a five-terabyte decryption table and, say the researchers, would have taken them around 1,500 years using a single AMD Opteron-based PC.
So, 1024-bit was considered safe (till now), but, ahh! Here comes another heart-throbbing act by three eggheads, Andrea Pellegrini, Valeria Bertacco and Todd Austin of the University of Michigan. They cracked 1024-bit RSA encryption by carefully starving the CPU of electricity!
By fluctuating the voltage to the CPU such that it generated a single hardware error per clock cycle, they found that they could cause the server to flip single bits of the private key at a time, allowing them to slowly piece together the password. With a small cluster of 81 Pentium 4 chips and 104 hours of processing time, they were able to successfully hack 1024-bit encryption in OpenSSL on a SPARC-based system, without damaging the computer, leaving a single trace or ending human life as we know it. That’s why, until RSA hopefully fixes the flaw, you should keep a close eye on your server room’s power supply.
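Besides watching the power supply, a common software-side safeguard against this kind of fault is to verify every signature with the public key before releasing it, so a corrupted result never leaves the server. The sketch below is an added example, not code from the researchers or from OpenSSL: it uses toy, unpadded RSA with constructed parameters, and the `fault_step`/`fault_bit` arguments are a hypothetical stand-in for a transient single-bit hardware error.

```python
# Added example: toy, unpadded RSA. All names and values are constructed.
P, Q = 2**31 - 1, 2**61 - 1        # two Mersenne primes, far too small for real use
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent (needs Python 3.8+)


class FaultDetected(Exception):
    """Raised when a freshly computed signature fails its own verification."""


def sign_raw(m, fault_step=None, fault_bit=0):
    """Left-to-right square-and-multiply computing m^D mod N.

    If fault_step is set, one bit of the accumulator is flipped after that
    iteration, simulating a transient hardware error during signing.
    """
    acc = 1
    for step, bit in enumerate(bin(D)[2:]):
        acc = (acc * acc) % N
        if bit == "1":
            acc = (acc * m) % N
        if step == fault_step:
            acc ^= 1 << fault_bit  # simulated single-bit error
    return acc % N


def verify(m, s):
    """Public-key check: s is valid for m only if s^E mod N equals m."""
    return pow(s, E, N) == m % N


def sign_checked(m, **fault):
    """Sign, then verify before release; a faulty signature is withheld."""
    s = sign_raw(m, **fault)
    if not verify(m, s):
        raise FaultDetected("signature failed self-check; not released")
    return s


if __name__ == "__main__":
    msg = 0x1234567890ABCDEF  # constructed message representative
    print("clean signature ok:", verify(msg, sign_checked(msg)))
    try:
        sign_checked(msg, fault_step=40, fault_bit=7)
    except FaultDetected as exc:
        print("faulted run:", exc)
```

The extra public-key exponentiation is cheap compared with the private-key operation, which is why this check is practical to apply on every signature.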