Researchers Find Major Flaw in RSA Encryption Methods

A very small fraction of the time, the encryption keys used by most websites offer no security at all.

The New York Times: A team of European and American researchers have discovered that RSA encryption, the method most websites use to secure transactions, has a fatal flaw. The problem lies with the algorithms used to create the public keys. A very small fraction of the time, the prime numbers used to generate those keys are not random, meaning that the encryption can be easily broken and essentially offers no security at all.

Out of 7.1 million public keys analyzed, the researchers “stumbled upon” almost 27,000 that offered no security. “Their secret keys are accessible to anyone who takes the trouble to redo our work,” they wrote. “The lack of sophistication of our methods and findings make it hard for us to believe that what we have presented is new, in particular to agencies and parties that are known for their curiosity in such matters.”

Tags: security, research, RSA, Encryption Keys

0 Comments (click to add your comment)
Comment and Contribute


(Maximum characters: 1200). You have characters left.



IT Management Daily
Don't miss an article. Subscribe to our newsletter below.

By submitting your information, you agree that datamation.com may send you Datamation offers via email, phone and text message, as well as email offers about other products and services that Datamation believes may be of interest to you. Datamation will process your information in accordance with the Quinstreet Privacy Policy.