1024-bit RSA encryption cracked by carefully starving CPU of electricity
Since 1977, RSA public-key encryption has protected privacy and verified authenticity when using computers, gadgets and web browsers around the globe, with only the most brutish of brute force efforts (and 1,500 years of processing time) felling its 768-bit variety earlier this year. Now, three eggheads (or Wolverines, as it were) at the University of Michigan claim they can break it simply by tweaking a device's power supply. By fluctuating the voltage to the CPU such that it generated a single hardware error per clock cycle, they found that they could cause the server to flip single bits of the private key at a time, allowing them to slowly piece together the password. With a small cluster of 81 Pentium 4 chips and 104 hours of processing time, they were able to successfully hack 1024-bit encryption in OpenSSL on a SPARC-based system, without damaging the computer, leaving a single trace or ending human life as we know it. That's why they're presenting a paper at the Design, Automation and Test conference this week in Europe, and that's why -- until RSA hopefully fixes the flaw -- you should keep a close eye on your server room's power supply.
Ubuntu uses 2048-bit encryption. I'll just move on to something else when they break that too. Probably next week.
Please stick to reviewing gadgets, or at least consult someone able to understand this kind of thing.
@Pies This "crack" is the equivalent of a very convoluted new way of breaking into a car, provided you're already inside and have the keys.
Actually, with the new CPU and RAM structures for high-end servers, the power of PowerShell, and a few new technologies, you can easily cycle / alter the power supplies to a server remotely, with scripts, even if you don't have access to the file system. So hit their web server, get your public key, gain access to run PowerShell on the server (not too hard to do if you have a weak-link employee with admin rights), and start decrypting the code. Now granted, a smart IT office will be monitoring the power fluxes on the hardware. The software that manages it should throw up flares, etc., as well. So there is no urgent need to panic, but there needs to be concern for big business. For example, my former employer needed to move 4 server racks from one state to another, to a new data facility. They requested and paid for military escort for the whole trip: 3 armed Hummers, 2 sets of state police, and 5 troops in the transport truck. The servers all had encryption and super-high-level passwords, etc., but it's because of things like this that it's too risky to just transport a server. So yes, on average not a big deal, but when you start looking at all the ways to get a public key, and then go after the main key, it becomes scary. Some IT guy sets his laptop down, you crack it and start power cycling it to get the host key. Once you have it, you can start decrypting other things.
Very interesting, but that engadget article is so misleading. It claims:
"By fluctuating the voltage to the CPU such that it generated a single
hardware error per clock cycle, they found that they could cause the
server to flip single bits of the private key at a time, allowing them
to slowly piece together the password."
Compared to this sentence from the actual paper published by the researchers:
"Finally, we apply our technique to demonstrate the fault-based attack
on a SPARC-based microprocessor system, implemented on FPGA and
running Linux. We inject faults into the system through simply
manipulating the voltage supply, resulting in occasional transient
faults in the SPARC processor’s multiplier."
So, first it's their own implementation of a SPARC processor in an
FPGA - possibly allowing them to have careful control over the nature
of the faults. Secondly, it's not "a single hardware error per clock
cycle", it's "occasional transient faults in the processor's
multiplier". A very specific fault, occuring at rather less frequently
than once per clock cycle. It requires very carefully timed faults in
a very specific part of the processor:
"Specifically, we assume that an attacker can occasionally inject
faults that affecting the result of a multiplication computed during
the execution of the fixed-window exponentiation algorithm."
It's interesting for sure, but this is far from an attack ready for
mainstream. They have come up with an idea, and crafted a system to
show that idea is possible in a carefully controlled environment. They
have chosen a RISC processor, but I suspect that the modern multicore
CISC processors would make this attack even more difficult.
Whether this has any practical implications is very much more an open
question, not that that makes this any less interesting.
Nathanael
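To make concrete what "occasional transient faults in the multiplier" means for a signer, and what the usual countermeasure looks like, here is an added example that is not code from the Engadget article, the Michigan paper or any commenter. It uses a toy RSA key with constructed primes, a modular multiplier that can be told to corrupt one product at a chosen step (a one-bit error standing in for a voltage-induced transient fault), plain square-and-multiply rather than the paper's fixed-window exponentiation, and the standard defence: verify the signature with the public key before releasing it, so a glitched computation produces no observable output.

```python
# Added example, not code from the Engadget article, the Michigan paper or any
# commenter: a toy RSA signer with a simulated transient multiplier fault, and
# the standard defensive check (verify with the public key before releasing a
# signature). All key material is constructed toy data; the exponentiation is
# plain square-and-multiply, not the paper's fixed-window algorithm.

# Constructed toy primes (about 20 bits each); real keys use 2048-bit moduli.
P, Q = 1000003, 1000033
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (Python 3.8+)


class Multiplier:
    """Modular multiplier that can be told to corrupt one product.

    A transient voltage fault, as described in the paper, shows up as an
    occasional wrong multiplication result. Here the fault is modelled as a
    single flipped bit in the product at one chosen step of the exponentiation
    so the effect is reproducible.
    """

    def __init__(self, fault_at_step=None):
        self.fault_at_step = fault_at_step
        self.step = 0

    def mul(self, a, b, n):
        self.step += 1
        r = (a * b) % n
        if self.step == self.fault_at_step:
            r = (r ^ 1) % n   # one-bit transient error in the product
        return r


def modexp(base, exp, n, mult):
    """Left-to-right square-and-multiply; every product goes through mult."""
    result = 1
    for bit in bin(exp)[2:]:
        result = mult.mul(result, result, n)
        if bit == "1":
            result = mult.mul(result, base, n)
    return result


def sign(msg, fault_at_step=None):
    """RSA signature s = msg^D mod N computed on a possibly faulty multiplier."""
    return modexp(msg, D, N, Multiplier(fault_at_step))


def verify(msg, sig):
    """Public-key check: sig^E mod N must give the message back."""
    return pow(sig, E, N) == msg


def safe_sign(msg, fault_at_step=None):
    """Sign, then verify before release.

    A faulted signature is exactly what a fault attack needs to observe;
    checking the result against the public key costs one cheap exponentiation
    and means a glitched computation yields nothing usable. Returns None when
    the check fails so the caller can retry or raise an alarm.
    """
    sig = sign(msg, fault_at_step)
    return sig if verify(msg, sig) else None


if __name__ == "__main__":
    m = 123456789                    # constructed message, already < N
    print("good signature verifies:", verify(m, sign(m)))
    print("faulted signature verifies:", verify(m, sign(m, fault_at_step=5)))
    print("safe_sign releases faulted result:", safe_sign(m, fault_at_step=5))
```

The point of `safe_sign` is that the public-key check is cheap (E is small) compared with the private operation, which is why verify-before-release is the usual first line of defence against fault injection on RSA signing; in a real deployment a failed check should also be logged, since a burst of such failures is the kind of signal a monitoring setup can act on.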