On 3/11/2010 9:15 PM, David Shaw wrote:
> Basically, no, and for several reasons. There are a few things that need to
> be understood about the new attack. Briefly, this is an attack that relies
> on manipulating the power supply to the CPU, in order to cause it to make
> errors in RSA signatu
On 3/11/2010 9:13 PM, Robert J. Hansen wrote:
> OpenPGP assumes the endpoints of the communication are secure.
> If they're not, there's nothing OpenPGP can do to help you make it
secure.
> ...All tools have preconditions: the existence of a precondition doesn't mean
> the tool is broken.
> The pr
On Mar 11, 2010, at 3:39 AM, erythrocyte wrote:
> With the recent news of researchers being able to crack 1024-bit RSA
> keys using power fluctuations, I was wondering if it would be a good
> idea to switch the RSA keys I have to some other algorithm. Both my
> signing and encryption keys are 4096
erythrocyte wrote:
> On 3/11/2010 3:29 PM, Dan Mahoney, System Admin wrote:
>> On Thu, 11 Mar 2010, erythrocyte wrote:
>>> Ref:
>>> http://www.engadget.com/2010/03/09/1024-bit-rsa-encryption-cracked-by-carefully-starving-cpu-of-ele/
>>>
>> Okay, let me sum up this article for you:
>>
>> Researchers
> Alrighty. But doesn't this compromise the layer of security offered by
> the passphrase? What's the point having a passphrase at all, if it's so
> easy to compromise a private key?
You might as well ask, "what's the point of OpenPGP at all, if it's so easy to
Van Eyck your monitor?" Or, "if it
On 3/11/2010 3:29 PM, Dan Mahoney, System Admin wrote:
> On Thu, 11 Mar 2010, erythrocyte wrote:
>> Ref:
>> http://www.engadget.com/2010/03/09/1024-bit-rsa-encryption-cracked-by-carefully-starving-cpu-of-ele/
>>
>
> Okay, let me sum up this article for you:
>
> Researchers who had physical enough
On Thu, 11 Mar 2010, erythrocyte wrote:
With the recent news of researchers being able to crack 1024-bit RSA
keys using power fluctuations, I was wondering if it would be a good
idea to switch the RSA keys I have to some other algorithm. Both my
signing and encryption keys are 4096-bit keys. Am
With the recent news of researchers being able to crack 1024-bit RSA
keys using power fluctuations, I was wondering if it would be a good
idea to switch the RSA keys I have to some other algorithm. Both my
signing and encryption keys are 4096-bit keys. Am I vulnerable to this
security hole?
Is it
