It is possible to extract encryption keys by recording coil whine with a phone next to the computer (2013 paper) (web.archive.org)

submitted 10 months ago* (last edited 10 months ago) by HiddenLayer5@lemmy.ml to c/security@lemmy.ml

7 comments fedilink hide all child comments

A more TLDR article about this: https://www.extremetech.com/defense/173108-researchers-crack-the-worlds-toughest-encryption-by-listening-to-the-tiny-sounds-made-by-your-computers-cpu

FAQs from the researchers: https://web.archive.org/web/20230130225254/http://www.cs.tau.ac.il/~tromer/acoustic/

you are viewing a single comment's thread
view the rest of the comments

[-] inspxtr@lemmy.world 5 points 9 months ago

Since this seems to be a 2013 paper, does any one know whether there has been any update regarding software (except for GPG) or hardware defense against this attack?

[-] HiddenLayer5@lemmy.ml 1 points 9 months ago

The researchers say in the FAQ that they disclosed it to GnuPG and they have mitigated their implementation against their specific attack, but it leaves the question of whether it is still vulrnable to a a more advanced method of audio sidechanneling and whether other encryption implementations, say, OpenSSL, OpenSSH, or Veracrypt, are also vulrnable to similar attacks.

this post was submitted on 01 Jan 2024

22 points (84.4% liked)

Security

4987 readers

2 users here now

Confidentiality Integrity Availability

founded 4 years ago

MODERATORS

gary_host_laptop@lemmy.ml