University of Michigan scientists have discovered a bug in the widely used OpenSSL cryptographic library that may allow an attacker to recover the private key of an RSA keypair without physically tampering with a device or the software running on it.

The researchers demonstrated their attack on a Xilinx Virtex2Pro FPGA configured as a SPARC processor, running Linux kernel 2.6.21 with version 0.9.8i of the OpenSSL library. By carefully regulating the power supplied to the machine, they were able to cause the OpenSSL library to make small errors in calculating cryptographic signatures. After enough of these flawed signatures were collected, the researchers used an 81-machine cluster of 2.4 GHz Intel Pentium 4-based systems running Linux, along with a special algorithm, to discover the entire private key used to generate those signatures.

The OpenSSL project is said to be readying a patch for the library to defeat this attack, though The Register quotes an unnamed OpenSSL official who says the attack is difficult to carry out.

It is not yet known whether other cryptographic libraries are vulnerable to a similar attack.