Timewaster's Guide Archive

General => Rants and Stuff => Topic started by: Oldie Black Witch on August 02, 2006, 02:18:01 PM

Title: Random Tech Question
Post by: Oldie Black Witch on August 02, 2006, 02:18:01 PM

This question is for the computer-savvy bunch:

Shamir (of RSA fame) presented and published a really cool paper last year on a proven way to break the AES encryption algorithm. The clever part of the method that they used is that they didn't attack the algorithm dead-on. Instead, they retrieved the encryption key by looking at the CPU cache.

So my question is whether there's a way to periodically clear memory caches like the CPU cache and hard drive cache while the computer is running, and whether that would even be a remotely sensible thing to do. (I'm assuming that the caches are cleared when the computer is turned off.) Personally, I don't see how clearing the cache while the computer is running is a good idea in any situation--but I may be wrong.

***Expecting to hear crickets in response.***

Title: Re: Random Tech Question
Post by: Spriggan on August 02, 2006, 02:39:27 PM

ya I have a feeling only SE and Tage would have any clue to this, especially Tage since he's a computer engineer.  But alas he is a lazy bum and is dead to us now, dead I say!

Title: Re: Random Tech Question
Post by: Oldie Black Witch on August 02, 2006, 02:44:57 PM

It must be his new job as a Gucci model. 'Cause, you know, guys are sexy with purses.

Title: Re: Random Tech Question
Post by: The Holy Saint, Grand High Poobah, Master of Monkeys, Ehlers on August 02, 2006, 03:13:46 PM

i'm going to refer this question to my colleague Tage, as it's too simple for me to bother with

(read: I have no idea)

Title: Re: Random Tech Question
Post by: Oldie Black Witch on August 02, 2006, 06:39:08 PM

Actually, this is a really stupid question; by the time the hacker is able to read the CPU cache, he already has access to the computer. Ideally, it wouldn't be all that hard for a hacker that accesses the computer to install a rootkit that would allow him to watch the CPU cache, and from there recover the AES key. But I'm still curious anyway.

In case anyone cares, here's (http://www.wisdom.weizmann.ac.il/~tromer/papers/cache.pdf) the paper, and here is (http://www.stanford.edu/~jbonneau/AES_timing.pdf) a paper that builds on the first for a better attack.

See? Isn't it nifty?  8)

Title: Re: Random Tech Question
Post by: Faster Master St. Pastor on August 03, 2006, 03:56:46 PM

I know a guy that goes to hacker cons in order to better protect both his server and the computers that he works on for his company, and he might know what your talking about. He lives in colorado though...

(Read: I don't know, and I don't have anyway to contact said guy, so it doesn't do any good.)

Title: Re: Random Tech Question
Post by: Chimera on August 03, 2006, 08:26:55 PM

Quote

ya I have a feeling only SE and Tage would have any clue to this, especially Tage since he's a computer engineer.  But alas he is a lazy bum and is dead to us now, dead I say!

Yeah, where is Tage?

I know he is alive, because he posted on my lj today...