'Severe' OpenSSL vuln busts public key crypto

Computer scientists say they've discovered a "severe vulnerability" in the world's most widely used software encryption package that allows them to retrieve a machine's secret cryptographic key. The bug in the OpenSSL cryptographic library is significant because the open-source package is used to protect sensitive data in …


This topic is closed for new posts.


  1. Yet Another Anonymous coward


    It is a software problem. The implementation of the algorithm leaks information about its internal state if you inject a bit error, or stop the processing at a particular point.

    It's a well known attack; it was done 10 years ago against IBM crypto chips using radiation induced errors.

    There are a bunch of well known security programming tricks to stop this, and the similar power load analysis attacks.
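One of the "security programming tricks" the comment refers to, as an added example that is not part of the thread: an RSA-CRT signing routine that re-verifies its own output and suppresses it when a fault is detected, so a glitched computation never leaves the device. The toy key below is constructed for illustration and is far too small for real use.

```python
# Added example: RSA-CRT signing with an output check against fault injection.
# Key material is constructed inline (assumption: toy sizes, illustrative only).
from typing import Optional

P, Q = 104729, 1299709          # two small primes (constructed toy key)
N = P * Q
E = 65537
PHI = (P - 1) * (Q - 1)
D = pow(E, -1, PHI)             # private exponent
DP, DQ = D % (P - 1), D % (Q - 1)
QINV = pow(Q, -1, P)            # CRT recombination coefficient


def sign_crt(m: int, fault_bit: Optional[int] = None) -> int:
    """Plain RSA-CRT signature of m (vulnerable form: releases whatever it computes).
    fault_bit, when set, simulates a transient hardware error by flipping one bit
    of the mod-q half of the computation."""
    s_p = pow(m, DP, P)
    s_q = pow(m, DQ, Q)
    if fault_bit is not None:
        s_q ^= (1 << fault_bit)     # simulated glitch in one CRT branch
    h = (QINV * (s_p - s_q)) % P
    return s_q + h * Q


def sign_checked(m: int, fault_bit: Optional[int] = None) -> Optional[int]:
    """Hardened form: recompute the public operation on the result and refuse to
    release a signature that does not verify. A faulty result is never output,
    so there is nothing for a fault-based attack to analyse."""
    s = sign_crt(m, fault_bit)
    if pow(s, E, N) != m % N:
        return None                 # fault detected: suppress the output
    return s


def verify(m: int, s: int) -> bool:
    """Standard RSA verification with the public key."""
    return pow(s, E, N) == m % N
```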

  2. Anonymous Coward

    It doesn't work

    After reading this, I tried to induce my Sky box to divulge its porn channels for free by modulating the power supply with my Arc welder. It seems Sky, in their wisdom, anticipated this attack and have built in a protection mechanism where the box shuts down permanently after emitting a modest amount of smoke.

    It would probably be better if the Reg resisted publishing these types of stories until the 1st April.

  3. Anonymous Coward

    SSL not fit for purpose

    SSL is no longer fit for purpose and needs to be replaced. Modern application aware firewalls perform an SSL Decrypt (a man-in-the-middle attack) in order to identify the traffic and then can block the connection. Unless you check the SSL certificate, or the CA signed SSL certificate on the firewall expires (causing your browser to issue a warning), you are not going to notice.

    Check your site's SSL certificate just in case.

    1. codebeard

      Re: SSL not fit for purpose

      Anonymous Coward, you are entirely wrong. Modern application aware firewalls have no way to decrypt your SSL traffic, and no way for their SSL certificates to be injected in a man-in-the-middle attack without your browser issuing a warning.

      1. a walker

        what you don't know......

        You are sadly misinformed, I witnessed a PA-500 (Palo Alto) firewall do this in virtual wire mode. This firewall is two generations ahead of Checkpoint and probably one generation ahead of Fortinet.

        It is very successful at SSL decrypt and in fact can identify banking sites and not decrypt the traffic (as part of the security policy).

      2. benoit


        Whoever controls the list of root CAs on your machine can do this. SSL is not foolproof. Various corporate products have this capability.

  4. Stephen Bungay

    So, a non-news item then....


    I love it... a dire warning to those who seek to lock content (HD Video and Audio) to prevent it from being copied... not a warning to the world at large...(those of us doing our banking and buying things on eBay).

    "Although the attack technique is difficult to carry out, it could eventually be applied to a wide variety of devices, particularly media players and smartphones with anti-copying mechanisms."

    Difficult to carry out? Could eventually be applied? Thanks but no thanks for the heads up on how to crack Blu-ray.

    1. Disco-Legend-Zeke

      Ring... Ring... Ring..

      ... [...] Sorry to bother you, Mr. Executive, this is Jimmy over at the pressing plant. I, er, lost the password to get the Key for [movie name,] and if I have to get 100 thousand out by midnight,

      I was wondering if...

  5. C 2

    I dunno about severe ..

    How precisely do you have to produce 'transient' events in a power supply to finally squeeze out a few crumbs? Can this be done consistently for 100 hours without destroying the device?

    And then you still need to use an HPC cluster to tease the encryption key together?


    I would think that this would just encourage hardware vendors to ship devices with more robust power supplies; that shouldn't be too difficult .. problem solved.

  6. Aus_Eng

    Yes, it is important, and a SSL fault

    I thought the strength of FOSS was the "many eyes" looking at these issues, therefore when one of those "many eyes" finds something, what does the FOSS community do ?

    They complain and argue against it, and attack the messenger. I thought the "model" of FOSS was supposed to promote and support testing and experimenting with the code?

    Assume you have a large group of people working on breaking into a system, maybe something like the Chinese government. With huge resources, people "on the inside" and massive support and technical resources.

    Now also consider, the further development of this type of exploit, (bug).

    You can programmatically control your CPU and RAM voltages, you can also remotely control the CPU load, and probably even the internal cooling system including the CPU fan.

    So it's quite possible that future development and work on this bug would make it REMOTELY exploitable.

    Also with "inside" workers (say a Chinese IT worker working in Google China, on a night watch).

    Would be able to access the machine, and with the availability of super computers get the keys he wants. Maybe without detection.

    A cluster of 81 P4's; what would a couple of fully configured quad CPU, quad Core i7's and 4 TESLA cards do it in? Probably not that long, with a desktop supercomputer or two.

    So this exploit/bug is critical, and it's not that big a step to refine it as a remote exploit, it might be as easy as watching the CPU load, and taking advantage of the expected known CPU temp.

    Or varying the CPU and RAM voltages (as overclockers do all the time), making it a remote exploit. (not to mention the 'insider job' possibility).

    It is a fault (bug) in OpenSSL; there should be NO WAY for fragments of the Key to be released in clear text due to hardware operational issues.

    It's about time FOSS started to take security more seriously, and ceased being so cavalier with the assumption that 'all is just dandy in FOSS'. It's not........

  7. Anonymous Coward

    What are we going to do today Brain?

    The same thing we do every day, Pinky: inject slight fluctuations into a device's power supply as it's processing encrypted messages.

  8. myreg

    100 hrs

    If the crack requires access to the machine to mess with the PS, then it will be much easier to pull out the entire hard drive(s), and that would be done in 3 minutes.

