
RSA 1024-bit hacked without brute force



11 March 2010 @ 11:02 am AEST

RSA is a public-key encryption method that has been protecting computers, gadgets and, in particular, servers worldwide since 1977. It was previously thought to be unbreakable as long as the security key was long enough; RSA had only been broken through brute-force approaches, which left the RSA-protected system similarly broken.

Quite recently, three techs from the University of Michigan revealed that they were able to break RSA encryption without having to resort to brute-force methods. They did this by fluctuating the voltage on the device's power supply. By changing the voltage to the CPU until it began generating a single hardware error per clock cycle, they discovered that they could cause the server to flip single bits of the private key one at a time, revealing the entire private key bit by bit until it showed the password.

The techs did this using a cluster of 81 Intel Pentium 4 chips and 104 hours of processing to hack the RSA 1024-bit encryption in OpenSSL on a SPARC-based system. They also managed to do this without damaging the computer or the data it contained and without leaving a single trace. This means that while the techs did prove that it could be done, you're going to need a serious amount of processing power to be able to hack the RSA 1024-bit encryption. However, considering the current condition of organized cybercrime, this shouldn't be too difficult or too expensive to do, especially if the data contained within the server or computer is valuable enough.

The techs are set to present a paper concerning this fatal flaw at the Design, Automation and Test conference, but news is still not forthcoming from RSA about it. For now, it would probably be in your best interests to keep a closer watch on your server room's power supply, just in case there's an inside job going on. An outside job would still be possible, but only if you have the required amount of processing cores in your private cloud.
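Besides watching the power supply, a standard software countermeasure against fault-induced errors of the kind described above is to verify every private-key result with the public key before releasing it. The Python sketch below is an added example, not code from the article, the researchers or OpenSSL; it assumes textbook RSA without padding, constructed toy primes, and a hypothetical `modexp` helper that simulates a single-bit fault.

```python
# Added example: textbook RSA (no padding) with constructed toy primes.
P, Q = 2**31 - 1, 2**61 - 1          # Mersenne primes, far too small for real use
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent (Python 3.8+)
SAMPLE_MESSAGE = int.from_bytes(b"constructed", "big")  # constructed input, < N


class FaultDetected(Exception):
    """Raised when a private-key result fails verification with the public key."""


def modexp(base, exp, mod, fault_at=None, fault_bit=0):
    """Left-to-right square-and-multiply.

    Hypothetical fault model: if fault_at is given, one bit of the running
    value is flipped after that step, standing in for a transient hardware error.
    """
    result = 1
    for step, bit in enumerate(bin(exp)[2:]):
        result = (result * result) % mod
        if bit == "1":
            result = (result * base) % mod
        if step == fault_at:
            result ^= 1 << fault_bit
    return result


def sign_unchecked(m, **fault):
    """Releases whatever the exponentiation produced, faulty or not."""
    return modexp(m, D, N, **fault)


def sign_checked(m, **fault):
    """Re-checks the result with the public exponent before releasing it."""
    s = modexp(m, D, N, **fault)
    if pow(s, E, N) != m % N:
        raise FaultDetected("result failed self-verification; not released")
    return s


if __name__ == "__main__":
    last_step = D.bit_length() - 1
    print("clean   :", hex(sign_checked(SAMPLE_MESSAGE)))
    print("faulty  :", hex(sign_unchecked(SAMPLE_MESSAGE, fault_at=last_step)))
    try:
        sign_checked(SAMPLE_MESSAGE, fault_at=last_step)
    except FaultDetected as exc:
        print("checked :", exc)
```

Because a corrupted result never leaves `sign_checked`, an observer only ever sees correct signatures, at the cost of one extra public-key operation per signature.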

This article is copyrighted by Ibtimes.com.au.
