March 9, 2010 at 8:29 am #4768
UNIX
Participant
“Now, three eggheads (or Wolverines, as it were) at the University of Michigan claim they can break it simply by tweaking a device’s power supply. By fluctuating the voltage to the CPU such that it generated a single hardware error per clock cycle, they found that they could cause the server to flip single bits of the private key at a time, allowing them to slowly piece together the password.”
http://www.engadget.com/2010/03/09/1024-bit-rsa-encryption-cracked-by-carefully-starving-cpu-of-ele/
-
March 9, 2010 at 11:57 am #29909
zeroflaw
Participant
Man, how do they come up with stuff like that??? Very interesting.
-
March 9, 2010 at 1:05 pm #29910
Ketchup
Participant
It’s actually pretty impressive. 104 hours to crack 1024-bit encryption is very significant.
-
March 9, 2010 at 1:42 pm #29911
hayabusa
Participant
@awesec wrote:
“… By fluctuating the voltage to the CPU such that it generated a single hardware error per clock cycle, they found that they could cause the server to flip single bits of the private key at a time, allowing them to slowly piece together the password.”
Wow! I don’t know about anyone else, but I NEVER would’ve even begun to think of something like that. Amazing results, from amazing people. For those that don’t know their history, U of M is also the originator of LDAP. (Note, I’m an Ohio State Buckeye fan, so go Bucks! But I’ve got to give credit, where credit is due…)
-
March 9, 2010 at 11:27 pm #29912
former33t
Participant
Yeah, I can’t wait to see the full writeup on this.
I’m surprised that DoD hasn’t stopped this from being presented. In the US, you are required to submit research on number theory to DoD for pre-publication review (the original intent was to give them a heads up on a prime factorization flaw to avoid breaking public key crypto). While some may argue, I think this falls squarely into number theory and personally, I don’t think it should be released until RSA has a chance to review the attack and fix the flaw (if that’s even possible). I’m normally for information disclosure, but RSA is too fundamental to the economy IMHO.
-
March 10, 2010 at 5:53 am #29913
UNIX
Participant
@former33t wrote:
In the US, you are required to submit research on number theory to DoD for pre-publication review (the original intent was to give them a heads up on a prime factorization flaw to avoid breaking public key crypto).
Interesting, didn’t know that before. Looking forward to the full paper as well.