On 12/24/2013 11:58 AM, Dirk Gently wrote:
Greg Freemyer wrote:
Beyond belief:
http://www.forbes.com/sites/timworstall/2013/12/21/researchers-break-rsa-409...
4096 bit encryption key broken by "listening" to a computer decrypt known emails.
I haven't read the paper about it yet.
Greg
I think it's a hoax, to make us give up on trying to protect anything with encryption.
The article is basically making the case that we can get distinquishable (from each other) sounds made by the heatin and cooling of individual register bits and other digital logic within the CPU and other chips.
I find that beyond credibility considering the other noise in the environment
Well, download the entire paper http://www.tau.ac.il/~tromer/papers/acoustic-20131218.pdf and see if you still think its a hoax. The point is, like many of these things, it works only in the Lab, and in a typical office with more than one computer, you could never pull it off. You have to know exactly when the computer is opening the specific email, (the contents of which are known to you). If a different computer is used, you have to start all over. If the computer is reading the web, or doing any other work, you are also screwed. And of course you need to convince your victim to sit quietly and open encrypted emails after you drape equipment all over the office. Far more worrisome is the far-end-cable attack mentioned in Appendix B. On a large corporate network, anyone with access to the patch-panel might be able to pull off such an attack. Real world: No. -- _____________________________________ ---This space for rent--- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org