Why Nostr? What is Njump?
2024-09-03 20:33:19

MossyCode on Nostr: The sophistication of these attacks always blows my mind. "By using an oscilloscope ...

The sophistication of these attacks always blows my mind.

"By using an oscilloscope to measure the electromagnetic radiation while the token is authenticating itself, the researchers can detect tiny execution time differences that reveal a token’s ephemeral ECDSA key, also known as a nonce. Further analysis allows the researchers to extract the secret ECDSA key that underpins the entire security of the token."

https://arstechnica.com/security/2024/09/yubikeys-are-vulnerable-to-cloning-attacks-thanks-to-newly-discovered-side-channel/
Author Public Key
npub1zddnu66dg05c6m97mzdpe3da7qu0ngjnvuzaetwkwu8w9h5lhx4s4fhzsm