Last time I talked about mazar virus that hit Denmark and other European nations. This time there is another report on an attack that can steal your crypto keys.
Well, if guys don't know where you use the crypto keys here it is. Crypto keys are used to protect your pay accounts, wallets and many of the high value assets. So how is this done?
The exploiters use the side-channel attack that is based on Elliptic Curve Digital Signature Algorithm. This algorithm is used because it is faster than other crypto systems. It can be done when cryptographic operations are being done and by measuring the electromagnetic radiations. This way full extraction of data can be done. The attacker can perform such actions by measuring them using a simple magnetic probe, or using an USB cable of your phone and a USB sound card. It is said that researchers were able to fully extract the secret keys from OpenSSL.
The researchers from Tel Aviv university and University of Adelaide have published (separately) on how to extract the ECDH keys from a standard laptop. Although, this uses sound emitted by devices rather than the electromagnetic emanations that is used in the case of mobile phones.
No comments:
Post a Comment