ad info



CNN.com
 MAIN PAGE
 WORLD
 ASIANOW
 U.S.
 LOCAL
 POLITICS
 WEATHER
 BUSINESS
 SPORTS
 TECHNOLOGY
   computing
   personal technology
   space
 NATURE
 ENTERTAINMENT
 BOOKS
 TRAVEL
 FOOD
 HEALTH
 STYLE
 IN-DEPTH
 custom news
 Headline News brief
 daily almanac
 CNN networks
 CNN programs
 on-air transcripts
 news quiz
  CNN WEB SITES:
CNN Websites
 TIME INC. SITES:
 MORE SERVICES:
 video on demand
 video archive
 audio on demand
 news email services
 free email accounts
 desktop headlines
 pointcast
 pagenet
 DISCUSSION:
 message boards
 chat
 feedback
 SITE GUIDES:
 help
 contents
 search
 FASTER ACCESS:
 europe
 japan
 WEB SERVICES:
COMPUTING

E-commerce encryption now vulnerable?

August 30, 1999
Web posted at: 1:41 p.m. EDT (1741 GMT)

by Joris Evers, WebWereld Netherlands

From...
Network World Fusion

(IDG) -- A team of scientists from six different countries led by Herman te Riele of CWI, the Dutch National research institute for mathematics and computer science, has found the prime factors of a 512-bit number. The size of that number models 95% of the keys used for protection of electronic commerce on the Internet.

MORE COMPUTING INTELLIGENCE
IDG.net   IDG.net home page
  Network World Fusion home page
  Free Network World Fusion newsletters
 Reviews & in-depth info at IDG.net
 *   IDG.net's bridges & routers page
  IDG.net's hubs & switches page
 *   IDG.net's network operating systems page
  IDG.net's network management software page
  Year 2000 World
  Questions about computers? Let IDG.net's editors help you
  Subscribe to IDG.net's free daily newsletter for network experts
  Search IDG.net in 12 languages
 News Radio
 * Fusion audio primers
 * Computerworld Minute
   

According to the scientists this discovery shows that the popular key size of 512 bits is no longer safe against even a moderately powerful attacker. The amount of money protected by like security keys is immense, as many billions of dollars per day flow through financial institutions such as banks and stock exchanges.

According to CWI's Frans Snijders there are hundreds of thousands 512-bit keys and CWI has cracked only one. "But with the technique we have now we could break every single key," Snijders told Dutch daily NRC Handelsblad. He recommends the standard for encryption to be lifted to 768-bit keys.

The factored key is a model of a so-called 'public key' in the well-known RSA cryptographic system that was designed in the mid-70s by Rivest, Shamir and Adleman at the Massachusetts Institute of Technology in Cambridge, Mass. At present, the 512-bit encryption is used extensively in hardware and software to protect electronic traffic such as in the international version of the Security Sockets Layer handshake protocol.

The factored number, indicated by RSA-155, was taken from the 'RSA Challenge List', which is used as a yardstick for the security of the RSA cryptosystem.

To find the prime factors of RSA-155 about 300 fast SGI and Sun workstations and Pentium PCs were running parallel, continuously - overnight and weekends included - for seven months.


RELATED STORIES:
Feds want authority to secretly crack personal computer codes
August 20, 1999
Total digital privacy may be on the horizon
August 18, 1999
Wireless data encryption due for handhelds
August 3, 1999
RELATED IDG.net STORIES:
White House pitches key-access crypto bill
(Computerworld)
Congress targets exported encryption tech
(Federal Computer Week)
Crypto expert: Most encryption software is insecure
(Computerworld)
U.S. committees approve encryption bills
(Network World Fusion)
Bankers anticipate code-breaking machine
(Computerworld)
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.
RELATED SITES:
Centrum voor Wiskunde en Informatica (CWI)
CWI press release: Security of E-commerce threatened by 512-bit number factorization
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.
 LATEST HEADLINES:
SEARCH CNN.com
Enter keyword(s)   go    help
Back to the top   © 2001 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.