In a proof of concept, researchers ran a program calculating cryptographic signatures using the Curve 25519 EdDSA algorithm implemented in libgcrypt on one logical core and their attack program on the other logical core. The attack program could determine the 256-bit encryption key used to calculate the signature with a combination of two milliseconds of observation, followed by 17 seconds of machine-learning-driven guessing and a final fraction of a second of brute-force guessing.

More details at Ars Technica, which concludes the overall impact here will likely be limited.
TLBleed attack puts Intel Hyper-Threading at risk
Posted on Tuesday, June 26 2018 @ 15:38 CEST by Thomas De Maesschalck