“Unfortunately, these promotional parts of the paper are the
sections that focus on the negative implications for OpenSSL. In
the rest of the paper, OpenSSL is merely the software component of
the experiment equipment. They likely could have used GNU TLS or
any other implementation of RSA taken from a book on cryptography1.
But this fact is not even the primary reason that this article
isn’t really that big of a deal for daily use of cryptography.“The experiment described in the paper is very difficult to
reproduce. You have to cause very subtle faults in computation at
specific times. As I understand it, they had to assemble a
specialized hardware copy of a SPARC-based GNU/Linux environment to
accomplish the experiment.”
Ok, Be Afraid if Someone’s Got a Voltmeter Hooked to Your CPU
By
Get the Free Newsletter!
Subscribe to Developer Insider for top news, trends, & analysis