Side Channel Attack

Topics: Technical Issues
Mar 15, 2015 at 1:01 PM
I was wondering if someone with more knowledge than I, could explain if VeraCrypt is susceptible to this type of attack please ?

http://www.techrepublic.com/article/computer-stored-encryption-keys-are-not-safe-from-side-channel-attacks/
Coordinator
Mar 16, 2015 at 12:12 AM
This type of side channel attacks on cryptographic processing has been known for years. The only new thing is that they came up with a cheaper hardware to perform signal capturing.

To my knowledge, this kind of remote attacks have been demonstrated only for asymmetric cryptography algorithms (RSA, Elliptic curves). This is because these type of operation require huge amount of computations that is reflected on power consumption and associated radio emissions.

Symmetric algorithms like AES are less prone to this kind of remote attacks especially if one uses hardware acceleration (like AES-NI) because of the difficulty to isolate the CPU processing associated them from long distance. Most side channel attacks on symmetric algorithms are executed on the same machine by exploiting CPU information leakage.

As far of VeraCrypt is concerned, only symmetric algorithms are used so remote side channel attacks are very difficult to mount and I would say almost impossible in the real world. As far as I know, there is no published remote side channel attack on symmetric ciphers like AES (I exclude timing attack on padding and error checking because they don't apply to VeraCrypt).
If anyone is aware of any successful remote side channel attack on symmetric ciphers, please post related information.
Mar 16, 2015 at 6:50 PM
That's very reassuring thank you.