From: azur@netcom.com (Steve Schear)
Date: Sat, 19 Oct 1996 19:32:08 -0700 (PDT)
To: John Gilmore <gnu@toad.com>
Subject: Re: IP: - Biham/Shamir Differential Fault Analysis of DES, etc
Message-ID: <v02130502ae8e916a1cfb@[10.0.2.15]>
MIME-Version: 1.0
Content-Type: text/plain


>Note that this attack requires physical access to the DES chip, to
>stress it so it will fail.  It works great against "tamper-proof"
>devices such as smart cards.  It doesn't work against encryption
>happening at any distance from the attacker (e.g. across the network).
>It doesn't work against stored information like PGP-encrypted
>email messages either.
>
>However, it might be possible to use the attack by beaming disruptive
>energies (heat, electrons, microwaves, etc) at a computer which is
>doing a lot of encryption, while simultaneously monitoring that
>computer's activity across a network.
>
>        John

Although using physical/electrical attacks to cause circuit disruptions to
ICs (like smartcard) may be feasible, it appears to be much more difficult
to mount this sort of attack on specially hardened crypto modules, which
can more effectively isolate themselves from invasive sources or detect
them and take action (i.e., key clearance) before an attacker can pry out
their secrets.