[Cryptech Tech] hardware attack vector #xx4
Joachim Strömbergson
joachim at secworks.se
Tue Feb 25 09:50:33 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Aloha!
manning bill wrote:
> This might be in your library already…
Yes, but good of you pointing it out anywat. It is really one of those
things that only good measurements on physical devices (extracting huge
amounts of entropy data and test it with dieharder for example) will be
able to detect.
There are also some attempts at probing these kinds of attacks. But they
are probably out of scope for most Cryptech implementators:
http://eprint.iacr.org/2013/579
This article also shows how stealhy selection of cells or even change in
cell geometry creates differences in supply draw that can be detected
and used as side-channel attacks.
Scary stuff indeed. We need to list these kinds of problems and be able
to state what we can protect against, detect etc.
Thanks!
- --
Med vänlig hälsning, Yours
Joachim Strömbergson - Alltid i harmonisk svängning.
========================================================================
Joachim Strömbergson Secworks AB joachim at secworks.se
========================================================================
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQIcBAEBCAAGBQJTDGdoAAoJEF3cfFQkIuyNb+gP+wUVP677siYyOVa/rylsNRwO
GvYHc7gCYqqGvgikhJsL98vo9ws/ww8ErT8+P/J7kNOmfmzOEWTb7GL7ngVKa0AP
U/Nm0hejsAocPlMthBkGHbysERRe7k1QFzaqbqcT7EQ12evxsJeynewyjLgVQm57
v8RZ2ybWy8L0FxcDroFp0i8oRb9NFmzt4vZ3bdQaI4tfACe9GrYIxTDQZm2g4jjg
+psOtvi9RhUfTavAtMNqkbx8mlAk3YLQAtQ0FZ81+bUL5lwtFhyxfpwOPxEX3KoR
pggac7xYKyDo5eQmtNHkO0Aa69OcCgHnlZZHJqBmFtCQDn3Bytl/lW7tecUqB/Y2
WLO/9jbImhP9THtR/lC1MtvlZRjRSRIl5D2WuM811/2AqGHKemw2PsNipWXB+f/B
TzUnjOeMuBbhNOXlv/tYm6bJCL/i/T1RhoVker+BkKs71Q44Q2NB9uFAJWKGt5Bk
+DY/wtl/v+jyP5fzFUKwnsnJPKcaJkXjKeu+QK2yVON/HfVF15GV1sNaPInTe8jg
xzaff92rO2Xw9YzVYOqbjnk8oncmKtmhMkW0Gg5/KN8zkKN239V00B/SNzAU/g1I
mUsaYn5FRlbcqWmKFbo8b9TSYypfBu4FU3eWdtemqW8zq+DZvEVfh2Dr5KlOScdZ
HmmId5QN43Cbd+ur6dr8
=gv5L
-----END PGP SIGNATURE-----
More information about the Tech
mailing list