I always see these non-intrusive side channels being applied to asymmetric crypt... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		Confiks on March 4, 2016 \| parent \| context \| favorite \| on: ECDSA Key Extraction from Mobile Devices via Nonin... I always see these non-intrusive side channels being applied to asymmetric cryptography. From using a microphone to listen in on GPG RSA private keys, to now the difference between point adding and point doubling in ECDSA. But I wonder if there are feasible, modern attacks against software using symmetric encryption. For example products offering full disk encryption, or encrypted volumes. Or are the operations in symmetric ciphers so 'constant' as not to reveal anything about the master key?

tptacek on March 4, 2016 | [–]

From one of the same authors:

https://www.tau.ac.il/~tromer/papers/cache.pdf

powerbutton65 on March 4, 2016 | [–]

The authors cite some EM side-channel attacks in the paper (eg [0,1])

[0]: https://eprint.iacr.org/2015/561.pdf [1]: https://eprint.iacr.org/2015/727.pdf

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact