[Gnuk-users] FST-01 is going to be non-reproducible any more
NIIBE Yutaka
gniibe at fsij.org
Tue Jan 12 03:59:03 UTC 2016
On 01/12/2016 11:53 AM, Yuji IMAI wrote:
> I read it again and find he just described notes electromagnetic
> radiation. There appears no word like TEMPEST nor side channel
> attack. I may confuse discussion.
Perhaps, you would be confused by the paper.
Stealing Keys from PCs using a Radio:
Cheap Electromagnetic Attacks on Windowed Exponentiation
http://www.tau.ac.il/~tromer/radioexp/
It is against old versions of GnuPG on a laptop (not Gnuk Token) and
the paper says the attack can be mounted from 50cm away.
I don't know this kind of attack can be possible against Gnuk Token.
To be a target of such an attack, Gnuk should be more popular.
> In short, We had better making sure "directly" connecting my PC and
> the Gunk token before worrying about remote inference. Right?
We should care about anything unusual, a hub, an antenna, a power
source, a room which can hide large antenna, or a microphone, etc.
My point is that: when we connect our token directly (without a hub),
we can decrease the items in a check list. If you use a hub to
connect your token to PC, the hub should be in your check list (also
customizing the hub to detect modification makes sense to me). If you
use a extension cable, I'd say, it's better to customize it too.
--
More information about the gnuk-users
mailing list