April 26, 2010

Researchers Find Voltage-Related RSA Security Flaw

Researchers at the University of Michigan have discovered a serious flaw in RSA authentication, which is used in most laptop computers, smartphones and media players, as well as to protect online bank or e-commerce customer data.

RSA authentication requires use of both a public key to encrypt information and a private key to decrypt it. However, in their report, 'Fault Based Attack of RSA Authentication,' computer scientists Andrea Pellegrini, Valeria Bertacco and Todd Austin found that by altering the voltage supply to the processor of the private key holder, they could thwart a security system and gain access to the protected data.

"For any computing system to be secure, both hardware and software have to be trusted," the authors write. "If the hardware layer in a secure system is compromised, not only it would be possible to extract secret information about the software, but it would also be extremely hard for the software to detect that an attack is underway."

To test their theory, Pellegrini, Bertacco, and Austin launched "a complete end-to-end fault-attack on a microprocessor system" in order to "demonstrate how hardware vulnerabilities can be exploited to target secure systems. We developed a theoretical attack to the RSA signature algorithm, and we realized it in practice against an FPGA implementation of the system under attack." In doing so, they were able to uncover the 1024-bit private key in about 100 hours.

"Our mainstream research in this area is to make microchips operate correctly even in the face of transistor failure," Bertacco told BBC News on Monday, adding that the university researchers hope their work will lead both to an overhaul of the RSA security system, making the public key less susceptible to this kind of attack, and to more reliable chips.

"As transistors get smaller, so they are more prone to failure," she also noted.

