diff options
| author | root <root@turin.home> | 2022-03-09 14:18:43 +0000 |
|---|---|---|
| committer | root <root@turin.home> | 2022-03-09 14:18:43 +0000 |
| commit | 2ef9c9c104a9f4d78609c0687adf842215fb5a94 (patch) | |
| tree | 8f382bfd3c83faa9e100b4fa261ce004805bbc67 | |
| parent | 30889aafa0ee5401c5a38e87a3139bca24c47505 (diff) | |
Adding to spectre secion, joining sections in
quantum section 3900 words.
| -rw-r--r-- | paper.ms | 37 | ||||
| -rw-r--r-- | refer | 17 |
2 files changed, 38 insertions, 16 deletions
@@ -194,7 +194,7 @@ hardware'. RISC-V is an instruction set for processors from the University of California at Berkeley; opposed to ARM, Intel, and AMD, RISC-V is an open standard {case for RISC-V}. This allows for open source CPU -implementatios, such as +implementations, such as those designed at UC Berkeley, as well as those from other parties, such as Alibaba Group {chen risc}. A significant amount of existing software has been ported to the RISC-V platform (cite) and alongisde @@ -251,17 +251,20 @@ observation of law enforcement, allowing illegal activity to occur In addition, the rate of development in unconventional computing methods is increasing rapidly. Effective quantum computing will -result in existing popular cryptographic algorithms such as IRSA, which +result in existing popular cryptographic algorithms such as RSA, which is used for communications and digital signatures, no longer being secure {lily chen quantum}. Significant research such as at IBM in recent years (cite) has shown feasibility in current ideas surrounding quantum computing and promising results in development towards quantum supremacy and in the future the breakdown of current cryptographic methods. -Indeed, there have been recent claims to quantum supremacy, +Indeed, both in the US at Google {google supremacy nature} and in China {china +quantum advantage}{science photons quantum advantage} at a university, +claims of `quantum supremacy' have been made, suggesting that quantum computers will soon become powerful enough to start making current encryption methods -obselete. Although this will not be an overnight transformation, changes +obselete. +Although this will not be an overnight transformation, changes will be made by those implementing cryptography, both in the open source space and in industry, as well as in government where government agencies must act in order to protect their data. This @@ -299,17 +302,6 @@ denies wrongdoing there was clearly NSA involvement with the company that remains significant in the enterprise security space {goodin rsa denial}{perlroth government}. -Dual EC DRBG - !! https://wikiless.org/wiki/Dual_EC_DRBG - https://www.reuters.com/article/us-usa-security-rsa-idUSBRE9BJ1C220131220 - https://web.archive.org/web/20131223121638/http://blogs.rsa.com/news-media-2/rsa-response/ - -Significant research is occurring as aforementioned in -the US and in China {quantum research in china}. Both in the US at -Google {google supremacy nature} and in China {china quantum -advantage}{science photons quantum advantage} at a university claims -of `quantum supremacy' have been made. - The question must be asked as to whether the discussion of encryption and surveillance is necessary. @@ -361,7 +353,20 @@ attacks (cite) and voltage level analysis attacks, as well as memory attacks (cold boot, rubber hose ...) (do some light explaining) (cite all) have the potential to overcome any level of sophistication that cryptographic algorithms may have, and simply give away information -such as keys (research, cite). +such as keys (research, cite). In addition to this, there can be +implementational issues in hardware, such as the recent Spectre +vulnerability which was discovered in 2018 and which revealed data to +an attacker due to speculative execution which speeds up processing in +modern processors. The vulnerability allowed for the attack of +cryptographic implementations such as GPG. This is potentially even +more concerning given that processor implementations are proprietary. +This flaw affects practically every modern processor and +indicates the vulnerability in computer hardware, which could be +exploited by any party with sufficient resources. Intel has released +multiple patches for Spectre, however, there remain concerns that +there is a potential for attacks in modern processors including new +processors made after 2018, and are therefore potentially a real +threat to security {kocher spectre} The executive summary to the 9/11 Commission Report {#9/11 commission report} describes the September 2001 terrorist attacks as 'a shock, @@ -310,3 +310,20 @@ %J The New York Times %O https://bits.blogs.nytimes.com/2013/09/10/government-announces-steps-to-restore-confidence-on-encryption-standards/ (Accessed 5 March 2022) + +%A Paul Kocher +%A Jann Horn +%A Anders Fogh +%A Daniel Genkin +%A Daniel Gruss +%A Werner Haas +%A Mike Hamburg +%A Moritz Lipp +%A Stefan Mangard +%A Thomas Prescher +%A Michael Schwarz +%A Yuval Yarom +%T Spectre Attacks: Exploiting Speculative Execution +%D 2019 +%O DOI: 10.1109/SP.2019.00002 + |