New threat forces cryptography rethink

Discussion in 'privacy general' started by Ghost, Oct 9, 2002.

Thread Status:
Not open for further replies.
  1. Ghost

    Ghost Guest

    http://www.vnunet.com/News/1135796

    Hackers start using 'side-channel' attacks

    Side-channel attacks are the next big threat from hackers, according to the head of RSA Labs.

    Normal attacks on code are conducted by looking at the unencrypted message and the encrypted message and attempt to recover the encryption key.

    But side-channel attacks look at other information in an attempt to crack the code, such as the time taken to perform an operation and how power consumption changes.

    Bert Kaliski, head of RSA Labs, told vnunet.com that these methods are forcing the industry to think again.

    "Side-channel attacks are causing a fundamental rethink in the way we write encryption software," he said. "As the methods used become automated, our job is getting tougher."

    In order to counter the side-channel threat encryption software is being designed to mislead anyone who is monitoring the process.

    Until recently the focus of research was to cut processing time and minimise memory use. Now the encryption engine must camouflage itself, for example by varying the time taken to perform identical functions.

    At the recent Cryptography Research conference in San Francisco over half the speakers' time was dedicated to side-channel attacks. Attendees were shown adapted credit card readers that could be used for such an attack.

    Kaliski explained that encryption algorithms are still advancing. "The move from triple-Data Encryption Standard to the Advanced Encryption Standard [AES] should ensure that we're ahead of the crackers on one level. AES could be considered overkill," he said.

    There had been fears that AES could be broken after cryptographers Nicolas Courtois and Josef Pieprzyk published an attack which could theoretically work.

    However, the attacks would be impossible for years to come because of the complexity needed to cope with long key lengths.
     
  2. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    thats perty cool stuff to read thx for the posting that kinda stuff always intrests me
     
Loading...
Thread Status:
Not open for further replies.