Anderson & Kuhn's "Improved DFA" paper

stewarts at ix.netcom.com
Wed Nov 20 21:09:16 PST 1996


HP just announced their big new plans for international exportable crypto
using tamperproof PCM-CIA smartcards with multiple tamperproof GAK plugins.
Anderson&Kuhn just announced the latest in a series of attacks on 
"tamperproof" hardware crypto modules by Israeli, UK, and US cryptographers.
Obviously it must be a conspiracy :-)

It's also an opportunity for some well-timed press releases.
Clipper 1's reputation was severely damaged by Matt's attack.
Anybody know if HP's giving out samples, and if there are real or test
GAK plugins for them?

HP URL http://www.dmo.hp.com/gsy/security/icf/main.html

The paper was posted to coderpunks, and it's on 
        ftp://ftp.cl.cam.ac.uk/users/rja14/dfa
Here's the intro:
---------------------------------------------------------------------
                   Improved Differential Fault Analysis

                      Ross J Anderson, Markus G Kuhn

In [1], Biham and Shamir announce an attack on DES based on 200 ciphertexts 
in which one-bit errors have been induced by environmental stress. 
Here we show an attack that requires less than ten ciphertexts. 
Furthermore, our attack is practical in that it uses a fault model that 
has been implemented in attacks on real smartcards.

In [2], Biham and Shamir show how their method can be extended to reverse
engineer algorithms whose structure is unknown.  Our attack can also be 
extended to such cases and is more efficient there too. 
In [3], Boneh, De Millo and Lipton discuss how such techniques can be used
to attack RSA. Again, their attack is theoretical only. 
We show how to do it in practice.

--------------------------------------------------------------------------

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# You can get PGP outside the US at ftp.ox.ac.uk
#     (If this is posted to cypherpunks, I'm currently lurking from fcpunx,
#     so please Cc: me on replies.  Thanks.)






