rsa – SSL and internet security news

Breaking RSA with a Quantum Computer

January 3, 2023 infossl

academic papers, china, cryptanalysis, cryptography, quantum computing, rsa, Security technology, Uncategorized

A group of Chinese researchers have just published a paper claiming that they can—although they have not yet done so—break 2048-bit RSA. This is something to take seriously. It might not be correct, but it’s not obviously wrong. We have long known from Shor’s algorithm that factoring with a quantum computer is easy. But it … Read More “Breaking RSA with a Quantum Computer” »

Breaking RSA through Insufficiently Random Primes

March 16, 2022 infossl

cryptanalysis, keys, pgp, random numbers, rsa, Security technology, Uncategorized

Basically, the SafeZone library doesn’t sufficiently randomize the two prime numbers it used to generate RSA keys. They’re too close to each other, which makes them vulnerable to recovery. There aren’t many weak keys out there, but there are some: So far, Böck has identified only a handful of keys in the wild that are … Read More “Breaking RSA through Insufficiently Random Primes” »

The Story of the 2011 RSA Hack

May 27, 2021 infossl

china, cybersecurity, hacking, rsa, Security technology, supply chain, Uncategorized

Really good long article about the Chinese hacking of RSA, Inc. They were able to get copies of the seed values to the SecurID authentication token, a harbinger of supply-chain attacks to come. Powered by WPeMatico

No, RSA Is Not Broken

March 5, 2021 infossl

cryptanalysis, cryptography, rsa, Security technology, Uncategorized

I have been seeing this paper by cryptographer Peter Schnorr making the rounds: “Fast Factoring Integers by SVP Algorithms.” It describes a new factoring method, and its abstract ends with the provocative sentence: “This destroys the RSA cryptosystem.” It does not. At best, it’s an improvement in factoring — and I’m not sure it’s even … Read More “No, RSA Is Not Broken” »

RSA-250 Factored

April 8, 2020 infossl

crowdsourcing, cryptography, encryption, rsa, Security technology

RSA-250 has been factored. This computation was performed with the Number Field Sieve algorithm, using the open-source CADO-NFS software. The total computation time was roughly 2700 core-years, using Intel Xeon Gold 6130 CPUs as a reference (2.1GHz): RSA-250 sieving: 2450 physical core-years RSA-250 matrix: 250 physical core-years The computation involved tens of thousands of machines … Read More “RSA-250 Factored” »

Chinese Hackers Bypassing Two-Factor Authentication

December 26, 2019 infossl

china, hacking, rsa, Security technology, twofactorauthentication

Interesting story of how a Chinese state-sponsored hacking group is bypassing the RSA SecurID two-factor authentication system. How they did it remains unclear; although, the Fox-IT team has their theory. They said APT20 stole an RSA SecurID software token from a hacked system, which the Chinese actor then used on its computers to generate valid … Read More “Chinese Hackers Bypassing Two-Factor Authentication” »

RSA-240 Factored

December 3, 2019 infossl

cryptanalysis, cryptography, encryption, rsa, Security technology

This just in: We are pleased to announce the factorization of RSA-240, from RSA’s challenge list, and the computation of a discrete logarithm of the same size (795 bits): RSA-240 = 12462036678171878406583504460810659043482037465167880575481878888328 966680118821085503603957027250874750986476843845862105486553797025393057189121 768431828636284694840530161441643046806687569941524699318570418303051254959437 1372159029236099 = 509435952285839914555051023580843714132648382024111473186660296521821206469746 700620316443478873837606252372049619334517 * 244624208838318150567813139024002896653802092578931401452041221336558477095178 155258218897735030590669041302045908071447 […] The previous records were RSA-768 (768 bits) in December 2009 [2], and a … Read More “RSA-240 Factored” »

Factoring 2048-bit Numbers Using 20 Million Qubits

October 14, 2019 infossl

academicpapers, cryptanalysis, cryptography, quantumcomputing, rsa, Security technology

This theoretical paper shows how to factor 2048-bit RSA moduli with a 20-million qubit quantum computer in eight hours. It’s interesting work, but I don’t want overstate the risk. We know from Shor’s Algorithm that both factoring and discrete logs are easy to solve on a large, working quantum computer. Both of those are currently … Read More “Factoring 2048-bit Numbers Using 20 Million Qubits” »

Videos and Links from the Public-Interest Technology Track at the RSA Conference

March 8, 2019 infossl

publicinterest, rsa, schneiernews, Security technology, videos

Yesterday at the RSA Conference, I gave a keynote talk about the role of public-interest technologists in cybersecurity. (Video here). I also hosted a one-day mini-track on the topic. We had six panels, and they were all great. If you missed it live, we have videos: How Public Interest Technologists are Changing the World: Matt … Read More “Videos and Links from the Public-Interest Technology Track at the RSA Conference” »

Cybersecurity for the Public Interest

March 5, 2019 infossl

cryptowars, cybersecurity, essays, lawenforcement, nationalsecuritypolicy, publicinterest, rsa, Security technology

The Crypto Wars have been waging off-and-on for a quarter-century. On one side is law enforcement, which wants to be able to break encryption, to access devices and communications of terrorists and criminals. On the other are almost every cryptographer and computer security expert, repeatedly explaining that there’s no way to provide this capability without … Read More “Cybersecurity for the Public Interest” »