Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: RSA 1024-bit encryption cracked

10 Mar 2010   #1

 
RSA 1024-bit encryption cracked

Three University of Michigan computer scientists say they have found a way to exploit a weakness in RSA security technology used to protect everything from media players to smartphones and e-commerce servers.

While guessing the 1,000-plus digits of binary code in a private key would take unfathomable hours, the researchers say that by varying electric current to a secured computer using an inexpensive purpose-built device they were able to stress out the computer and figure out the 1,024-bit private key in about 100 hours – all without leaving a trace.

RSA 1024-bit private key encryption cracked - Techworld.com

Researchers find weakness in common digital security system - University of Michigan

My System SpecsSystem Spec
.

10 Mar 2010   #2

 

100 hours still seems like alot of time to get into some things XD
My System SpecsSystem Spec
10 Mar 2010   #3

Windows 2000 5.0 Build 2195
 
 

Compare that to the possible thousands of thousands of years it would take to simply guess.
My System SpecsSystem Spec
.


10 Mar 2010   #4

 

Quote   Quote: Originally Posted by arkhi View Post
Compare that to the possible thousands of thousands of years it would take to simply guess.
i know, but its still not practical now is it XD
My System SpecsSystem Spec
11 Mar 2010   #5

 

Quote   Quote: Originally Posted by cloud8521 View Post
Quote   Quote: Originally Posted by arkhi View Post
Compare that to the possible thousands of thousands of years it would take to simply guess.
i know, but its still not practical now is it XD
No it wouldn't be practical for you maybe since you wouldn't be cracking any encrypted files, e-mails, SSL private keys, PGP encrypted hard-disks, games, consoles, etc.. but their all now vulnerable if you where using less than 1024bit encryption and the majority use 512bit halving the time down to 50 hours required to crack the protected key.

I did find it interesting that starving a machine of power could result in being able to crack the encryption easier.
My System SpecsSystem Spec
11 Mar 2010   #6

Windows 7 x64 / Same
 
 

Quote   Quote: Originally Posted by cloud8521 View Post
100 hours still seems like alot of time to get into some things XD

100 hours <<<<<<<<<< Age of the Universe (14.5 Billion years)


Quote   Quote: Originally Posted by dmex View Post
I did find it interesting that starving a machine of power could result in being able to crack the encryption easier.
Yes, that is surprising to me as well--And EXTREMELY worrisome.
My System SpecsSystem Spec
11 Mar 2010   #7

 

Am interested to see this practice being used for other 'cracks'.
My System SpecsSystem Spec
11 Mar 2010   #8

Black Label 7 x64
 
 

To paraphrase Lee Corso - not so fast, my friend.

Quote:
Put very simply, the U of M researchers “compromised” RSA by performing the elegant equivalent of punching someone in the face until they give you the key. I think we can all agree that this is not a fundamental violation of the algorithm as Engadget suggests, nor is it a flaw that “RSA” (RSA is not an organization) needs to address.
I'm too stupid to verify or reject the U of M claim, just passing along an item I found reading about it.
My System SpecsSystem Spec
11 Mar 2010   #9

 

Quote   Quote: Originally Posted by Colonel Travis View Post
To paraphrase Lee Corso - not so fast, my friend.

Quote:
Put very simply, the U of M researchers “compromised” RSA by performing the elegant equivalent of punching someone in the face until they give you the key. I think we can all agree that this is not a fundamental violation of the algorithm as Engadget suggests, nor is it a flaw that “RSA” (RSA is not an organization) needs to address.
I'm too stupid to verify or reject the U of M claim, just passing along an item I found reading about it.
Any method that allows anybody to gain access to encrypted data in less than 100 hours is a weakness no matter if they need physical access.

If someone stole your machine you would hope your files are never recovered by the thief. Just think if your doctors laptop or your <inset bank employee or government with your personal data here> laptop was stolen, it would take them less than 100 hours to get all that data and yours.
My System SpecsSystem Spec
11 Mar 2010   #10

 

Physical access for 100hrs? So they have to steal the physical box to do this. This is a reason why we are moving to thinclients for security purposes, running the apps with confidential stuff on the citrix server.
My System SpecsSystem Spec
Reply

 RSA 1024-bit encryption cracked




Thread Tools




Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 01:04 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33