- cross-posted to:
- security@lemmy.ml
- hackernews@derp.foo
- cross-posted to:
- security@lemmy.ml
- hackernews@derp.foo
Extracting a secret key by simply watching the flickering of an LED? Sounds implausible but that’s what we’re discussing with Dr Mike Pound!
Author’s page on the attack: Video-Based Cryptanalysis (nassiben.com) Paper: https://bit.ly/C_PowerLED
That’s actually painfully simple, crazy even a phone camera could do it and I expect a custom firmware on a SLR would be able to add a mode that just logs the intensity of the central small square of pixels at incredible speed.
I guess people will have to start salting their encode functions with spurious calculations to try and make it a bit harder.
people will have to start salting their encode functions with spurious calculations to try and make it a bit harder.
Yes … sad and funny. Or make sure the LED’s power supply is decoupled from the calculation. I feel adding extra code to security relevant functions might not be such a great idea. If a tiny extra battery does the job, why not.