Cybersecurity

8158 readers

227 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 2 years ago

MODERATORS

[email protected]

Power LED Attack - Computerphile: Reading secret keys by watching the power LED (www.youtube.com)

submitted 2 years ago by [email protected] to c/[email protected]

2 comments fedilink hide all child comments

Extracting a secret key by simply watching the flickering of an LED? Sounds implausible but that's what we're discussing with Dr Mike Pound!

Author’s page on the attack: Video-Based Cryptanalysis (nassiben.com) Paper: https://bit.ly/C_PowerLED

top 2 comments

sorted by: hot top controversial new old

[–] [email protected] 3 points 2 years ago (1 children)

That's actually painfully simple, crazy even a phone camera could do it and I expect a custom firmware on a SLR would be able to add a mode that just logs the intensity of the central small square of pixels at incredible speed.

I guess people will have to start salting their encode functions with spurious calculations to try and make it a bit harder.

[–] [email protected] 2 points 2 years ago

people will have to start salting their encode functions with spurious calculations to try and make it a bit harder.

Yes ... sad and funny. Or make sure the LED's power supply is decoupled from the calculation. I feel adding extra code to security relevant functions might not be such a great idea. If a tiny extra battery does the job, why not.