ad info
   personal technology

 custom news
 Headline News brief
 daily almanac
 CNN networks
 CNN programs
 on-air transcripts
 news quiz

CNN Websites
 video on demand
 video archive
 audio on demand
 news email services
 free email accounts
 desktop headlines

 message boards




E-commerce encryption now vulnerable?

August 30, 1999
Web posted at: 1:41 p.m. EDT (1741 GMT)

by Joris Evers, WebWereld Netherlands

Network World Fusion

(IDG) -- A team of scientists from six different countries led by Herman te Riele of CWI, the Dutch National research institute for mathematics and computer science, has found the prime factors of a 512-bit number. The size of that number models 95% of the keys used for protection of electronic commerce on the Internet.

  Network World Fusion home page
  Free Network World Fusion newsletters
 Reviews & in-depth info at
 *'s bridges & routers page's hubs & switches page
 *'s network operating systems page's network management software page
  Year 2000 World
  Questions about computers? Let's editors help you
  Subscribe to's free daily newsletter for network experts
  Search in 12 languages
 News Radio
 * Fusion audio primers
 * Computerworld Minute

According to the scientists this discovery shows that the popular key size of 512 bits is no longer safe against even a moderately powerful attacker. The amount of money protected by like security keys is immense, as many billions of dollars per day flow through financial institutions such as banks and stock exchanges.

According to CWI's Frans Snijders there are hundreds of thousands 512-bit keys and CWI has cracked only one. "But with the technique we have now we could break every single key," Snijders told Dutch daily NRC Handelsblad. He recommends the standard for encryption to be lifted to 768-bit keys.

The factored key is a model of a so-called 'public key' in the well-known RSA cryptographic system that was designed in the mid-70s by Rivest, Shamir and Adleman at the Massachusetts Institute of Technology in Cambridge, Mass. At present, the 512-bit encryption is used extensively in hardware and software to protect electronic traffic such as in the international version of the Security Sockets Layer handshake protocol.

The factored number, indicated by RSA-155, was taken from the 'RSA Challenge List', which is used as a yardstick for the security of the RSA cryptosystem.

To find the prime factors of RSA-155 about 300 fast SGI and Sun workstations and Pentium PCs were running parallel, continuously - overnight and weekends included - for seven months.

Feds want authority to secretly crack personal computer codes
August 20, 1999
Total digital privacy may be on the horizon
August 18, 1999
Wireless data encryption due for handhelds
August 3, 1999

White House pitches key-access crypto bill
Congress targets exported encryption tech
(Federal Computer Week)
Crypto expert: Most encryption software is insecure
U.S. committees approve encryption bills
(Network World Fusion)
Bankers anticipate code-breaking machine
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.

Centrum voor Wiskunde en Informatica (CWI)
CWI press release: Security of E-commerce threatened by 512-bit number factorization
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.
Enter keyword(s)   go    help

Back to the top   © 2001 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.