RSA 1024-bit encryption cracked

[dmex]

Three University of Michigan computer scientists say they have found a way to exploit a weakness in RSA security technology used to protect everything from media players to smartphones and e-commerce servers.

While guessing the 1,000-plus digits of binary code in a private key would take unfathomable hours, the researchers say that by varying electric current to a secured computer using an inexpensive purpose-built device they were able to stress out the computer and figure out the 1,024-bit private key in about 100 hours – all without leaving a trace.

RSA 1024-bit private key encryption cracked - Techworld.com

Researchers find weakness in common digital security system - University of Michigan

 

[cloud8521]

100 hours still seems like alot of time to get into some things XD

 

[arkhi]

Compare that to the possible thousands of thousands of years it would take to simply guess.

 

[cloud8521]

Compare that to the possible thousands of thousands of years it would take to simply guess.

i know, but its still not practical now is it XD

 

[dmex]

Compare that to the possible thousands of thousands of years it would take to simply guess.

i know, but its still not practical now is it XD

No it wouldn't be practical for you maybe since you wouldn't be cracking any encrypted files, e-mails, SSL private keys, PGP encrypted hard-disks, games, consoles, etc.. but their all now vulnerable if you where using less than 1024bit encryption and the majority use 512bit halving the time down to 50 hours required to crack the protected key.

I did find it interesting that starving a machine of power could result in being able to crack the encryption easier. :shock:

 

[Win7User512]

100 hours still seems like alot of time to get into some things XD

100 hours <<<<<<<<<< Age of the Universe (14.5 Billion years)

I did find it interesting that starving a machine of power could result in being able to crack the encryption easier. :shock:

Yes, that is surprising to me as well--And EXTREMELY worrisome.

 

[brady]

Am interested to see this practice being used for other 'cracks'.

 

[Colonel Travis]

To paraphrase Lee Corso - not so fast, my friend.

Put very simply, the U of M researchers “compromised” RSA by performing the elegant equivalent of punching someone in the face until they give you the key. I think we can all agree that this is not a fundamental violation of the algorithm as Engadget suggests, nor is it a flaw that “RSA” (RSA is not an organization) needs to address.

I'm too stupid to verify or reject the U of M claim, just passing along an item I found reading about it.

 

[dmex]

To paraphrase Lee Corso - not so fast, my friend.

Put very simply, the U of M researchers “compromised” RSA by performing the elegant equivalent of punching someone in the face until they give you the key. I think we can all agree that this is not a fundamental violation of the algorithm as Engadget suggests, nor is it a flaw that “RSA” (RSA is not an organization) needs to address.

I'm too stupid to verify or reject the U of M claim, just passing along an item I found reading about it.

Any method that allows anybody to gain access to encrypted data in less than 100 hours is a weakness no matter if they need physical access.

If someone stole your machine you would hope your files are never recovered by the thief. Just think if your doctors laptop or your <inset bank employee or government with your personal data here> laptop was stolen, it would take them less than 100 hours to get all that data and yours.

 

[ccatlett1984]

Physical access for 100hrs? So they have to steal the physical box to do this. This is a reason why we are moving to thinclients for security purposes, running the apps with confidential stuff on the citrix server.

 

[zezasu]

For some reason When I read it I felt some kinda of sadness pass through me and my face started cringing also? Anybody else?

I treat my car well despite pushing it really hard but I make sure its fuel and oil and anything else that needs to be replacement gets fixed. Even halfway full makes me upset. The body of the car is something else but I still try to repair it the best. Anyways it applies for my computer also.

 

[cloud8521]

Physical access for 100hrs? So they have to steal the physical box to do this. This is a reason why we are moving to thinclients for security purposes, running the apps with confidential stuff on the citrix server.

if 24 taught me anything it's that you have a mole who will do this :O lol

 

[rbmorse]

This is a reason why we are moving to thinclients for security purposes, running the apps with confidential stuff on the citrix server.

Wow! Suddenly it's 1965!

(Not being critical...we do the same thing for the same reason).

 

[Colonel Travis]

Any method that allows anybody to gain access to encrypted data in less than 100 hours is a weakness no matter if they need physical access.

If someone stole your machine you would hope your files are never recovered by the thief. Just think if your doctors laptop or your <inset bank employee or government with your personal data here> laptop was stolen, it would take them less than 100 hours to get all that data and yours.

No, this is not the kind of scenario to fear. I finally read the U of M paper, and although some of it's pretty convoluted, there are couple key points that are easy to understand.

1.) You need access to the machine that's doing the encrypting. You can't just take someone's laptop or smartphone, etc. and do this method. You don't need to physically have the encrypting machine, however you need to be close enough for the voltage manipulation. And, in this case, U of M needed access for 104 hours. I wish they had a picture of what their setup looked like. Sounds like it would be easy to notice. Of course, what if no one is looking for such a thing? I don't know. All I'm saying is that whoever tries this method has to be fairly conspicuous for almost an entire work week.

2.) The voltage manipulation involved is pretty sophisticated, in a controlled environment, on a specific type of system. That doesn't diminish what was done, but don't expect RSA breaches all over the world any time soon.

 

[dmex]

No, this is not the kind of scenario to fear. I finally read the U of M paper, and although some of it's pretty convoluted, there are couple key points that are easy to understand.

1.) You need access to the machine that's doing the encrypting. You can't just take someone's laptop or smartphone, etc. and do this method. You don't need to physically have the encrypting machine, however you need to be close enough for the voltage manipulation.

Each machine needs the ability to decrypt/encrypt data before the user is able to work on it, they would have software on their laptops for doing this so unless it was something like a backup tape that disappeared...

And, in this case, U of M needed access for 104 hours. I wish they had a picture of what their setup looked like. Sounds like it would be easy to notice. Of course, what if no one is looking for such a thing? I don't know. All I'm saying is that whoever tries this method has to be fairly conspicuous for almost an entire work week.

2.) The voltage manipulation involved is pretty sophisticated, in a controlled environment, on a specific type of system. That doesn't diminish what was done, but don't expect RSA breaches all over the world any time soon.

Im sure an easy set of instructions will come out on our favorite forum for these things

 

[Colonel Travis]

Each machine needs the ability to decrypt/encrypt data before the user is able to work on it, they would have software on their laptops for doing this so unless it was something like a backup tape that disappeared...

To clarify, this is what the U of M people did:

Our fault-based attack can extract a server’s private key by injecting faults in the server’s hardware, which produces intermittent computational errors during the authentication of a message. We then use our extraction algorithm to compute the private key d from several unique messages m and their corresponding erroneous signatures s.

In other words, it cannot be used against a client computer or device. Now, they also said their method could be used against bus encryption, but you don't find that sort of thing in personal devices, unless you wear a backpack with an ATM in it.

Here's the direct link to their paper in pdf.

By the way, anyone who wants to try this probably has enough information to go by from that pdf. This is what I find amusing about these kind of papers. Under the guise of The University Study, we found a way to screw planet earth and here's how we did it. Of course, security people never stop tweaking. Cat-and-mousing never ends.

 

[spyder5157]

HOW LONG Till the actual method used (Building the voltage regulator, etc.) details are released. Either RSA is paying an ENORMOUS amount of money for them to keep that quiet, or something. I realize they want to wait and present their paper, BUT, why are the details of HOW it is done released.

I know there are a million things to crack, but I will tell you what drives me crazy, the fact that Motorola will NOT unlock the bootloaders on their Android Phones. They are there, but 1024 bit encrypted...I would just love to crack that sucker open. And that is something not illegal, it's my device. (Motorola actually PROMISED to ship all the devices unlocked, and they are.....IN EUROPE.....Here VERIZON SAID you do that, we don't buy...that simple..Corporate BS)..

ANYWAY, like I said, where are the real details of how it is done.

Spyder

 

[lehnerus2000]

Now that a method has been discovered other people will be able to improve on it.

WPA-TKIP was cracked by some researchers.
Several other groups used that info to develop their own methods, which also cracked it.

I wouldn't be surprised if the same thing happens in this case too.

 

[FuturDreamz]

Isn't this more of a hardware issue? where when a chip's voltage is too low to operate properly it should disable itself? encryption chips should do this.

 

[lehnerus2000]

I assume that it is hardware related (based on the article).
It might be possible to reproduce the effect some other way (once it has been thoroughly analysed).