[Bug 1263189] [NEW] Low-Bandwidth Acoustic Cryptanalysis
Sworddragon
1263189 at bugs.launchpad.net
Fri Dec 20 17:59:25 UTC 2013
Public bug reported:
2 days ago a document was published
(http://www.cs.tau.ac.il/~tromer/acoustic/) which demonstrates how to
get the key of cryptographic algorithms due to acustic signals of the
cpu, the electric potential and even the power consumption. Because Q10
points out that maybe other cryptographic algorithms could be affected
I'm creating this report for applications that uses them like ecryptfs,
dm-crypt, Firefox (master password), etc. to go sure if they are
affected and need to be fixed or not. At least GnuPG 1.4.16 and 2.x are
already safe against this attack.
** Affects: cryptsetup
Importance: Undecided
Status: New
** Affects: firefox
Importance: Undecided
Status: New
** Affects: ecryptfs-utils (Ubuntu)
Importance: Undecided
Status: New
** Also affects: cryptsetup
Importance: Undecided
Status: New
** Also affects: firefox
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Mozilla
Bugs, which is subscribed to Mozilla Firefox.
https://bugs.launchpad.net/bugs/1263189
Title:
Low-Bandwidth Acoustic Cryptanalysis
To manage notifications about this bug go to:
https://bugs.launchpad.net/cryptsetup/+bug/1263189/+subscriptions
More information about the Ubuntu-mozillateam-bugs
mailing list