Implications Of The Recent RSA Vulnerability
Dan Mahoney, System Admin
danm at prime.gushi.org
Thu Mar 11 10:59:45 CET 2010
On Thu, 11 Mar 2010, erythrocyte wrote:
> With the recent news of researchers being able to crack 1024-bit RSA
> keys using power fluctuations, I was wondering if it would be a good
> idea to switch the RSA keys I have to some other algorithm. Both my
> signing and encryption keys are 4096-bit keys. Am I vulnerable to this
> security hole?
>
> Is it possible to generate a new keypair and retain/transfer the old
> signatures from my email buddies?
>
> Ref:
> http://www.engadget.com/2010/03/09/1024-bit-rsa-encryption-cracked-by-carefully-starving-cpu-of-ele/
Okay, let me sum up this article for you:
Researchers who had physical enough access to be able to rewire the
private-key-holder's system's power supply were able to compromise that
system.
If you're at that point, I don't think key length is your problem.
-Dan Mahoney
--
--------Dan Mahoney--------
Techie, Sysadmin, WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144 AIM: LarpGM
Site: http://www.gushi.org
---------------------------
More information about the Gnupg-users
mailing list